last executing test programs: 6.276309321s ago: executing program 1 (id=2690): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 5.814534605s ago: executing program 1 (id=2694): migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) setsockopt$auto(r1, 0x8001, 0x9, &(0x7f0000000080)='&\x00', 0x0) read$auto(r0, &(0x7f0000000040)='/dev/tty12\x00', 0x1000) 4.955987153s ago: executing program 2 (id=2698): mmap$auto(0x0, 0x20009, 0xdf, 0x400eb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0x5c8) getdents$auto(0xffffffffffffffff, 0x0, 0xc08) write$auto(0x3, 0x0, 0x5c8) 4.906077946s ago: executing program 1 (id=2699): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) mmap$auto(0x0, 0x400008, 0x1000df, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x4, 0x2020009, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000) msync$auto(0x10000000000000, 0xe0, 0x6) write$auto(0xffffffffffffffff, 0x0, 0x4) 4.332026316s ago: executing program 0 (id=2700): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) io_uring_setup$auto(0x4, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf2502000008dad6c34dd139"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000100)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0xf, 0x0) 4.098972756s ago: executing program 3 (id=2701): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/team0/bc_forwarding\x00', 0x2102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setgroups$auto(0xc00000000, 0xfffffffffffffffc) 3.962128074s ago: executing program 2 (id=2702): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) 2.985912405s ago: executing program 2 (id=2703): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) 2.984476094s ago: executing program 0 (id=2711): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) 2.98383041s ago: executing program 1 (id=2704): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0x10000b3, 0x0, 0x3, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0xf, 0x7, 0x7, 0x100000001}, 0x10) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0xa821, 0x0) mmap$auto(0x0, 0x4020009, 0x8, 0xfffffffffffffffd, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) syz_clone(0x140400, &(0x7f0000000000), 0x0, &(0x7f0000000080), &(0x7f00000000c0), 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r0, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="02"]) 2.827393858s ago: executing program 3 (id=2705): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.355829814s ago: executing program 3 (id=2706): r0 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 2.000435585s ago: executing program 1 (id=2707): mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x68342, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x80000000) 1.94200179s ago: executing program 2 (id=2708): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 1.799891471s ago: executing program 3 (id=2709): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r0 = memfd_create$auto(0x0, 0x4) r1 = socket(0xa, 0x3, 0x3a) statx$auto(r0, 0x0, 0x1000, 0xbdfc, 0x0) setsockopt$auto(r1, 0x29, 0x14, 0x0, 0x56b) r2 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r2, 0x29, 0x14, 0x0, 0x56b) close_range$auto(0x2, 0x8, 0x0) 1.648702976s ago: executing program 0 (id=2710): mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x801, 0x100) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x20000054) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r1, r0, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96) 1.105411069s ago: executing program 3 (id=2712): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) io_uring_setup$auto(0x6, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x500, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) 850.266222ms ago: executing program 0 (id=2713): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto(0x3, 0x80045438, 0x10000000000402) unshare$auto(0x8000400) 578.632676ms ago: executing program 1 (id=2714): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) r0 = socket(0x10, 0x2, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_batadv(0x0, r0) 575.001929ms ago: executing program 2 (id=2715): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pipe2$auto(0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) recvmmsg$auto(0x3, 0x0, 0x7bf, 0x7bd6, 0x0) 481.79196ms ago: executing program 2 (id=2716): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_BTRFS_IOC_DEVICES_READY(0xffffffffffffffff, 0x90009427, &(0x7f0000000200)={@raw=0x9e, "234ffcd7c7a32d7b4c7b9e3a472849d9270fe3fcc7ce651fa38a7f83f7abbe173e506137f9e085ade6f382f1ef14a05599c9bcbcf066a6ae2449fc2f94cd1057c53e5ae65ee3a0eb14b092fa3d9054e923a8a1b3808d487c963ac5982e5d3ccd2e82b3c280ea925af7d8f4802d696b2742bfea189f0b190b77e1ee7e11c20c48e8e808862f668f8fc17b5d121f904ff41c280c4369b7e5adb2338b3cb1f47f11f80addb79448a2b988a44bc86385ec22516896e27ac8424cf612d050b294a6ae57934c84946e96e51cca970f5198f2e2c4e5cb644152c4c65c9a1c7ffab913516eab0548ca6fcb1d1e59ca1735e8f56ddaad384f9646dbae2c5b92bb1d1924457b73b79921d406b6fa8b20da958a51b7b0256c36af58e4c0e335f95faa2bff4def0b62dffb4b1c42118eb5667dce68c0f44e2ca8684a29424396d1ad573b179092144dd516680ebf962cc5892730a8716853b2dd10eb6382b72f7da8515968a9c55f468141c74bcd2cfb44ea8f2d2fb69c676eabb8c835ee9625fd3de2e51b8320b4e03a385856023474cb78ded636a4526923c4733bd7e3e18d763dc0dd4e5cbc56ee9f9a0f4a1cf8145ce39e00fa91f80aa099a78052656a6606d7b4a7d78c0036b32c4f7f04666a1124a4ce2ba5a44737c9c91de3d58dc698af8f476de365269d0d6099a42bf6e28aa235a581eed81aaff5c9d48ebe44bcbf0eaba03da48fc5a05398d30bf8bfe6d72ba2e1cc0bfb18f9667ddbd12a7c9059921ac52e072ef921d33059d03419bb71ef15ff07d002490031637e74eb9a6db0e70a7df94d0c99a00ba8266c832375c8d3731929646760d2f565d4f78679c1c8943a7c080dccc0642a79803e66affe566ac5d09a3390b9a85b0d4fa7e6ee57ac7f3b954d446e07fe9f688b3d761ce11817ec52823ab54cdc70d1a1de077a4c30a45f45ee2efce2ad5082a81427ec937488b4ce15c772045e096f2de38be056bdac8a41dbcd2914accd20843ada4a3e5ee734411fcf194bea4f5238688b7b48598f3567da738e8d50bef830ac72970823abcf209661008e33e077177f51dd296dc754292492e7e2f7668a11774747e8078871318d60f6f85b82cd611558eed1b728dd37877a638f657dfbec72b647462868e3b3b711cc14c48614831e9690b3d8f1e9cf12593ead4e48fbd349920af437c81df2736727bad2f0a2ee021ab07e0883f18d3e6edfdb186b1739dbad8005e1a229c5cdbfbef22d9adad164ff4ae4f8b614f0d0e8239b1b8856596ce9f87c0d12fc0afd0e39bd33a608b2b57fbab2b2c66e276912cdca99b2863ab09e9da711bacb90ee5f9650948a606e0b96de1c111dd90e37be8cd14bdf4b3679b0b7dc9ba83bb770916a91825785e8ba2870703b9cc9195ca2f0cd2c2487ab8e6abff014d16d0c9d7ec6f7b1143134089054257f616bad6ff21e567dd37b86619b49f28551655423b58bf182910e0a64ddb1aeeede3d190819602dab87d14d657cc2fff65bf608dc2bc29a582f9bdec2ff7de0f6b7af51971d3869212520b8ae14781b560d966bbdea73eda3181d89918d4eca02e3685a97022cc70e6ac3ade6c20188a9ab65bd983987d9429646e964573eda97fc6758ccfcb9dfc55df4ab057dbbbbd30eb51cc1d23124cd7f06cb440757a8641790f6570aa7d9c9dbcd7436d9f5828626df988cd1739fbfff867ec02960653b4c36d49dba20fa7b0e0b9fd4ba953587d6ed7442c877352c592ef21c6707645bd73d89fcdf986830ebe3c35ed609898727ee4c5411efcc3efdc666b208b7f09573165c3a9a61744733bd455cf424c9ad34308174e1f77c60ec005e1242f1069e0f9240224dca38bea21548e5ae1b1095231f5ce922654a7cfebf39d9e1c51b8e2bc3d07c6ab91258515f48515908a18bc5d746b397ac6b4a993c9f0a8c3ee6e2aa37bafea5cd6a542e2a95d1d97656527414f5ba8dfb8749dbcbd905d594b9b087e2ec38fbc8ed573d82b8a0ab9e66437bb01f6a98107d66dae11242963193adbdddc8750080806cc952505e4ffb8e70820a035d7fc479ca6cc9d08fe658fd0677b31d076cad8c0ad739612b412f4207651104945bad4e9555df709e1e9e8deb9bc7be5c656393bd83b29bdc15e4157658e13b98359dcc0f389d98431989bc4ff64f585f21db897ec43876054fb0c9aa600405bcd0eaf6ffa8a2c8dc3b1135e68743683f01b2425bab237a0ec91e8dafdac703d28dde4c90448bd071551f56ad5f3c7cffd9ef916e04a94ea499d1d9edfc37604f43626a278a8667d9a57f8703f7734638d1ee293fc5209e3b537ec43848fe5b70899650fc62398e72838765348f8d1c0f1bbaa70f1b293156c8d48a14a68fbf18fa96211cf21b44b81e8b941df2cc473ca30232a286938f26bbb187a143289bb2e8ee24988a52e3deac19fe71d9dca1068947d2e48e19b092916e02a96b344b578e45ef2251c19db86a1cc63f6fbede004d3b72ac8901e5ee59da729ba1b888908e893012c44ff7a233bd492c064e39453f0f67a8dcadd471389b0fe22e8edc29d3c19b880442f9a066b4ec15e135a2bfdccb66040a4776837170980bd4fb8530b736df9b8a9e40e2162e7964ec64c3e36bf50f377307eaa67adfa67d9cac908deea52d8f356b5b565c89664d035872fbb1b7aa9ee4cfe25cfd6f2dbb3378e8272f4d4e163f2332e02d5a1dd3ca8821a83ac255f311ab1e3d8d941d8854ec773e746537a5cf5503121be463b5d8760c2ad10cee727b3b6c9ec0bf165af5397fdfe80f4ccbdf259d1b65a19431d8fe264080534252c21f24bc54036c7286ce972e011191aeaf671f85264a1e898b576d471f7b9c2ca50a614857d05f41ef8e297610cba24d8d9c437b1fed872f78692d89110ef6fa6415ad469dc22ecb360aacb90ab9dad371ac3dbbc936a287954c9548d75fcc73c1656e3acfa8bc5127e5c9fe6d2b61bce47ae69522fe5c34d39257eb934af4624d257a55c72ba4d14628fcf981370448d50c4a0330372e9dcdf40bb2697824f2c7ab70ab072534c752091443e6a7b65340acac1d6d3355b4fe9cb7e9da72a9fa39b931fcffba09f79bce5aae878753997ee21c745ce3417dc4d0ec502e06d43b4f1df99ce3f5d15fed38c6508d3b3378f8e214121e47c30dce3c7150cd124e11eb7e61f09929dadc30336eb0d7d04fa58c5191a844b938fb00a3deb2e9a921acd8e0bde85ab05fc5194b7067dd41988f48eac27fd4ecee520d37cbcc79426e28e01cc3fe2da68ecb58131c167735a7814d48f359609b3307a8d7103500dd9d68ed223ecf2acbdf0dbce1a3248dc6821e345e1ed85795e72b1005e6173adfd7ebbdc9684070949afdec5c23e574c45db9b145c7ad131057ab207f6e3c09e8dfe1f6aa7e839f401a5d2ba91ede7405002834c04bd760f33b15fcf4c8f10e4cabc19bb62f1d8e053f29af84cc6e20b90d33987a9c472a791ef65c5fb1c5a496bfc7a0698997530361dd29555edbf65c9609a6ab7456264a42d5b75f34770738d91848db3f11814b03f785b663a19e1c288e341d5f8e4bb6fda56551dba9722cc36150aa8f1f3c61418ce877e25218204ff001dbf3d9ccbd66373c25754173ccb313cab589823fea47e38b8d16b4dbc50e4d4e7d3828a0c2d767c97e549c6ab9886aa07105475dcc0ebad640061247918b4dd00da8641949546b652929c3a02af2272896a775a9b6d7d7ba397cf6e2dc2d64870145882df8c412671ae534f46bbec1ce5e8c646f41dc8eb6cc3878f5e3bb518d336648b941c7afa9c1f2f53d4078c18ea3fb1a7f1c4462fbc6f2361c7008903c814c511cea3a12bc066f60b9151b5b5812cf6372cf4b641e585832fda9df95d3eb6db9cf82a02ed23408c8531a4e5eb517567b7b5a1294decba21a1ebe8b19c4f4f8ac45d7ff02933da03e134716624865195e4855ae9873c0006330c6c642436d1eeb027dde065dd4c71059ec5b9e0efb77d6ce9d1c53700276037da745acf6dec7a7ca02f8151ffddee3c62ad6f9ccaf6ed2517b9f089a372e2b6db95e14bc3219490095c80f5db4f3efbb683e632e8df50215790e6eb6d690070438b93b12eb167b629808e40e8506f53950050d814b00732ebcc31c2684305c6a9cec0b0ac1b8ec00a3498566c6023955934ca973cc029013994f83914de67fbbc05fad20ad7b53b066475568e1dd2d16f35bc559a5c1bde6b7e7266edfece42516cecda020c0e373ca7b6be48c95621bdd8ad53f526e0cfae9dfccd8f0137ccd5343831f00eeb66eb6700f89a7bcb166ca8027d0f41286b28401af865fabc0f7217bafdde4ad43d7674b0af72586a5f9f08d67abcd0572ef645b075cbcb0be6deff6024983519d211073d4b3a47a7e3b57bf8e8735f049f3cef97ecc839f7c00efb80a172b3dba894e20045976e0a158301bafbf4b5155ab4221b0863f060b100a593f3f2166c1bf7bb04a932c1704d3b84c83f09b6e5666a97b9472243ae2ba479e538bba73a03506238c9a7a209a15f3068d7d100816b90f5e1fc56cd94acbe1e01cb61b311cda6804b5adba1086aaaee88744c8232509873d028fe5d8c0094358e3c69e2defb5aac94f405314e150e4d89c2c2d853024505931381d058a46d62e1808a59a284ec198898dcae550bd4615d2261a1b6ed3b3196cd67bddd8226e5abca81d462f70ec97bdb6f6bf64d6137cd4c2ad47201322cc6a635058834ed88560521987d4f490932d3c648403d8bc4dab1aa0fecdf834a5519f55bf993cc77184837fe13521f2d08cbb6cc1b2c4165200703089860f37e793c55ad911671e735f1dde3754d38a487f854e505ff86ba9683bb6f8355fdccf214d0a2f95ac19644262b84339585fbe9b915008010c91406a03fa8cc51cd50ebec4c9a68e547408c2c0965a09ab811ebbd3b95c95b309440eaaab1e4695e8d7bb8b3ec115bf63e9fa735a4385bd126c4c8895da11100e50d92ec6115cab78c7f0d371af7f7d3cf0e25de51986d46dd5bff83a565a1d927fa2e50b36aec19e452ad6734aa1111cf4367fa26eccd51a08824db3a9f3cc7e34b4626ada2ce65813059da2dae47ba4e11df48290bbeb8e8eb0f6f8b27361d9adc5b3c12681bdd45c6b1d4fe152571c3f6cac09576d8369432ef95c072664bdee4178950694ba23a157ec672db9d43fc62fe41e7461ed5a42deb94bffd301f4851f2c225026b82e92a43c350cbe4fef6ef3eb8c541946d2b082c6c7886bec6ba7eb785202360752dd8b1f30cc08f0c59b579541b415133cd96834a56afebf6f24c70e12ec054bcd32a5fbdac56ca00d498430116cddc246336be7a34295cd0ce7da96e1b0aa2e39a6de71c2789558af62dc94a2674763cf05616bf40cc57384ca6df266fbd395328d9b2cd185213bfeaf35be16281017c653f2e5e7faf450f9a438fea2c87853131d97672573b2362461fb53905a8fd7b0a85359b2832ac853400d4a79b3b50b44bfc6cdfc83f8498ff2b66b4dea7442565dea3603a09e996dee6687c7772a209dd519aad6352995be7a975fbec5778051e1574dabcc03cc511488dc2c3e8783bac4a62f11cf4eab8755d838b3f645b64b5cce08c039e57a9c9a8993ea594d4eeb2450d78660c5325def2a6b5a882429d8df99f7e1e3911f42c50c881fc7c34dfbd09fc30eb7d21c32ce41a64566c08f934cb8f34c3abed84975843a2846ccba916880751738eeaf314f4a92d91a0909edd5382f79c38426991a65d62067831c728dca2b118260397b478b044c6fa655b4"}) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) sysfs$auto(0x2, 0x100000000000037, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0) 458.321249ms ago: executing program 0 (id=2717): shmctl$auto(0xfffffff8, 0x7a, &(0x7f0000000180)={{0x6, 0xffffffffffffffff, 0xffffffffffffffff, 0x2bf, 0x0, 0x2, 0x200}, 0x101, 0x8, 0x8000000000000001, 0x8000, @inferred=0xffffffffffffffff, @raw=0x7, 0xaa8e, 0x0, &(0x7f0000000040)="8df1b04a163d810df286451a2721bd21364a6c2389b957ce543619", 0x0}) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040)='~', 0x8000, 0x1}, 0x8}, 0x1, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) 414.646607ms ago: executing program 3 (id=2718): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) 0s ago: executing program 0 (id=2719): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/demote\x00', 0x183841, 0x0) write$auto(r0, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r2 = getpid() pipe2$auto(&(0x7f00000000c0), 0x0) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) ioctl$auto(r1, 0x40246f4c, 0x38) kernel console output (not intermixed with test programs): 00001 RDI: 0000000000000005 [ 387.440336][T11658] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 387.440353][T11658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 387.440371][T11658] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 387.440413][T11658] [ 388.238435][T11673] FAULT_INJECTION: forcing a failure. [ 388.238435][T11673] name failslab, interval 1, probability 0, space 0, times 0 [ 388.285948][T11673] CPU: 1 UID: 0 PID: 11673 Comm: syz.3.2152 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 388.286112][T11673] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 388.286126][T11673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 388.286144][T11673] Call Trace: [ 388.286155][T11673] [ 388.286167][T11673] dump_stack_lvl+0x16c/0x1f0 [ 388.286219][T11673] should_fail_ex+0x512/0x640 [ 388.286248][T11673] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 388.286283][T11673] should_failslab+0xc2/0x120 [ 388.286322][T11673] __kmalloc_cache_noprof+0x6a/0x3e0 [ 388.286353][T11673] ? devinet_init_net+0x56/0x910 [ 388.286383][T11673] ? __pfx_devinet_init_net+0x10/0x10 [ 388.286411][T11673] devinet_init_net+0x56/0x910 [ 388.286437][T11673] ? __pfx_devinet_init_net+0x10/0x10 [ 388.286464][T11673] ops_init+0x1e2/0x5f0 [ 388.286513][T11673] setup_net+0x10f/0x380 [ 388.286556][T11673] ? lockdep_init_map_type+0x5c/0x280 [ 388.286598][T11673] ? __pfx_setup_net+0x10/0x10 [ 388.286646][T11673] ? debug_mutex_init+0x37/0x70 [ 388.286697][T11673] copy_net_ns+0x2a6/0x5f0 [ 388.286731][T11673] create_new_namespaces+0x3ea/0xa90 [ 388.286774][T11673] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 388.286812][T11673] ksys_unshare+0x45b/0xa40 [ 388.286854][T11673] ? __pfx_ksys_unshare+0x10/0x10 [ 388.286894][T11673] ? xfd_validate_state+0x61/0x180 [ 388.286951][T11673] __x64_sys_unshare+0x31/0x40 [ 388.287003][T11673] do_syscall_64+0xcd/0x490 [ 388.287052][T11673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.287084][T11673] RIP: 0033:0x7f6f51f8eb69 [ 388.287111][T11673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 388.287140][T11673] RSP: 002b:00007f6f52db9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 388.287168][T11673] RAX: ffffffffffffffda RBX: 00007f6f521b5fa0 RCX: 00007f6f51f8eb69 [ 388.287188][T11673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 388.287207][T11673] RBP: 00007f6f52011df1 R08: 0000000000000000 R09: 0000000000000000 [ 388.287226][T11673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.287263][T11673] R13: 0000000000000000 R14: 00007f6f521b5fa0 R15: 00007ffcd84ccda8 [ 388.287305][T11673] [ 389.301394][T11703] FAULT_INJECTION: forcing a failure. [ 389.301394][T11703] name failslab, interval 1, probability 0, space 0, times 0 [ 389.301460][T11703] CPU: 1 UID: 0 PID: 11703 Comm: syz.3.2158 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 389.301506][T11703] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 389.301518][T11703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 389.301533][T11703] Call Trace: [ 389.301543][T11703] [ 389.301554][T11703] dump_stack_lvl+0x16c/0x1f0 [ 389.301600][T11703] should_fail_ex+0x512/0x640 [ 389.301627][T11703] ? __kmalloc_noprof+0xbf/0x510 [ 389.301663][T11703] ? nfc_llcp_build_tlv+0xfd/0x230 [ 389.301701][T11703] should_failslab+0xc2/0x120 [ 389.301737][T11703] __kmalloc_noprof+0xd2/0x510 [ 389.301780][T11703] nfc_llcp_build_tlv+0xfd/0x230 [ 389.301825][T11703] nfc_llcp_build_gb.isra.0+0x11e/0x400 [ 389.301868][T11703] ? __pfx_nfc_llcp_build_gb.isra.0+0x10/0x10 [ 389.301918][T11703] ? nfc_llcp_sdreq_timeout_work+0x370/0x560 [ 389.301971][T11703] ? lockdep_init_map_type+0x5c/0x280 [ 389.302020][T11703] nfc_llcp_register_device+0x600/0xa60 [ 389.302069][T11703] nfc_register_device+0x6d/0x3c0 [ 389.302118][T11703] nci_register_device+0x7f1/0xb80 [ 389.302157][T11703] ? __pfx_nci_register_device+0x10/0x10 [ 389.302201][T11703] ? lockdep_init_map_type+0x5c/0x280 [ 389.302250][T11703] virtual_ncidev_open+0x141/0x220 [ 389.302290][T11703] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 389.302327][T11703] misc_open+0x35a/0x420 [ 389.302364][T11703] ? __pfx_misc_open+0x10/0x10 [ 389.302400][T11703] chrdev_open+0x231/0x6a0 [ 389.302434][T11703] ? __pfx_apparmor_file_open+0x10/0x10 [ 389.302466][T11703] ? __pfx_chrdev_open+0x10/0x10 [ 389.302504][T11703] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 389.302545][T11703] do_dentry_open+0x97f/0x1530 [ 389.302581][T11703] ? __pfx_chrdev_open+0x10/0x10 [ 389.302629][T11703] vfs_open+0x82/0x3f0 [ 389.302677][T11703] path_openat+0x1de4/0x2cb0 [ 389.302723][T11703] ? __pfx_path_openat+0x10/0x10 [ 389.302760][T11703] ? __lock_acquire+0xb8a/0x1c90 [ 389.302805][T11703] do_filp_open+0x20b/0x470 [ 389.302839][T11703] ? __pfx_do_filp_open+0x10/0x10 [ 389.302907][T11703] ? alloc_fd+0x471/0x7d0 [ 389.302960][T11703] do_sys_openat2+0x11b/0x1d0 [ 389.303002][T11703] ? __pfx_do_sys_openat2+0x10/0x10 [ 389.303064][T11703] __x64_sys_openat+0x174/0x210 [ 389.303111][T11703] ? __pfx___x64_sys_openat+0x10/0x10 [ 389.303175][T11703] do_syscall_64+0xcd/0x490 [ 389.303222][T11703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.303252][T11703] RIP: 0033:0x7f6f51f8eb69 [ 389.303277][T11703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.303306][T11703] RSP: 002b:00007f6f52db9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 389.303335][T11703] RAX: ffffffffffffffda RBX: 00007f6f521b5fa0 RCX: 00007f6f51f8eb69 [ 389.303354][T11703] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 389.303372][T11703] RBP: 00007f6f52011df1 R08: 0000000000000000 R09: 0000000000000000 [ 389.303389][T11703] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000000 [ 389.303407][T11703] R13: 0000000000000000 R14: 00007f6f521b5fa0 R15: 00007ffcd84ccda8 [ 389.303448][T11703] [ 389.708662][T11720] [U]  [ 389.708730][T11720] [U] [ 389.708772][T11720] [U] [ 389.708817][T11720] [U] [ 389.709030][T11720] [U] [ 389.709079][T11720] [U] [ 389.709119][T11720] [U] [ 389.709182][T11720] [U] [ 389.719899][T11720] [U] [ 389.719974][T11720] [U] [ 389.720036][T11720] [U] [ 389.720086][T11720] [U] [ 389.720318][T11720] [U] [ 389.720371][T11720] [U] [ 389.720421][T11720] [U] [ 389.720473][T11720] [U] [ 389.720782][T11720] [U] [ 389.720835][T11720] [U] [ 389.720884][T11720] [U] [ 389.720935][T11720] [U] [ 389.721179][T11720] [U] [ 389.721228][T11720] [U] [ 389.721278][T11720] [U] [ 389.721327][T11720] [U] [ 389.721642][T11720] [U] [ 389.721695][T11720] [U] [ 389.721746][T11720] [U] [ 389.721794][T11720] [U] [ 389.722032][T11720] [U] [ 389.722082][T11720] [U] [ 389.722131][T11720] [U] [ 389.722180][T11720] [U] [ 389.722477][T11720] [U] [ 389.722515][T11720] [U] [ 389.722554][T11720] [U] [ 389.722590][T11720] [U] [ 389.722795][T11720] [U] [ 389.722845][T11720] [U] [ 389.722884][T11720] [U] [ 389.722924][T11720] [U] [ 389.723194][T11720] [U] [ 390.076974][T11720] [U] [ 390.077020][T11720] [U] [ 390.077057][T11720] [U] [ 390.138392][T11720] [U] [ 390.138446][T11720] [U] [ 390.138493][T11720] [U] [ 390.138537][T11720] [U] [ 390.142282][T11720] [U] [ 390.142337][T11720] [U] [ 390.142386][T11720] [U] [ 390.142436][T11720] [U] [ 390.142667][T11720] [U] [ 390.142724][T11720] [U] [ 390.142774][T11720] [U] [ 390.142823][T11720] [U] [ 390.143150][T11720] [U] [ 390.143202][T11720] [U] [ 390.143252][T11720] [U] [ 390.143301][T11720] [U] [ 390.143529][T11720] [U] [ 390.143579][T11720] [U] [ 390.143624][T11720] [U] [ 390.143662][T11720] [U] [ 390.143975][T11720] [U] [ 390.144026][T11720] [U] [ 390.144076][T11720] [U] [ 390.144125][T11720] [U] [ 390.144355][T11720] [U] [ 390.144404][T11720] [U] [ 390.144493][T11720] [U] [ 390.144543][T11720] [U] [ 390.144870][T11720] [U] [ 390.144919][T11720] [U] [ 390.144969][T11720] [U] [ 390.145017][T11720] [U] [ 390.145240][T11720] [U] [ 390.145288][T11720] [U] [ 390.145336][T11720] [U] [ 390.145383][T11720] [U] [ 390.145716][T11720] [U] [ 390.145765][T11720] [U] [ 390.145815][T11720] [U] [ 390.145876][T11720] [U] [ 390.146103][T11720] [U] [ 390.146153][T11720] [U] [ 390.146203][T11720] [U] [ 390.146252][T11720] [U] [ 390.146573][T11720] [U] [ 390.146623][T11720] [U] [ 390.146672][T11720] [U] [ 390.146729][T11720] [U] [ 390.147031][T11720] [U] [ 390.147081][T11720] [U] [ 390.147128][T11720] [U] [ 390.147170][T11720] [U] [ 390.158670][T11720] [U] [ 390.158736][T11720] [U] [ 390.158783][T11720] [U] [ 390.158831][T11720] [U] [ 390.159050][T11720] [U] [ 390.159098][T11720] [U] [ 390.159146][T11720] [U] [ 390.159194][T11720] [U] [ 390.159518][T11720] [U] [ 390.159569][T11720] [U] [ 390.159617][T11720] [U] [ 390.159665][T11720] [U] [ 390.159895][T11720] [U] [ 390.159941][T11720] [U] [ 390.159989][T11720] [U] [ 390.160036][T11720] [U] [ 390.160354][T11720] [U] [ 390.160400][T11720] [U] [ 390.160445][T11720] [U] [ 390.160488][T11720] [U] [ 390.160698][T11720] [U] [ 390.160742][T11720] [U] [ 390.160783][T11720] [U] [ 390.160826][T11720] [U] [ 390.173305][T11720] [U] [ 390.173367][T11720] [U] [ 390.173417][T11720] [U] [ 390.173466][T11720] [U] [ 390.173709][T11720] [U] [ 390.173759][T11720] [U] [ 390.173808][T11720] [U] [ 390.173857][T11720] [U] [ 390.173906][T11720] [U] [ 390.174235][T11720] [U] [ 390.174287][T11720] [U] [ 390.174337][T11720] [U] [ 390.174386][T11720] [U] [ 390.174616][T11720] [U] [ 390.174666][T11720] [U] [ 390.174723][T11720] [U] [ 390.174773][T11720] [U] [ 390.175081][T11720] [U] [ 390.175132][T11720] [U] [ 390.175182][T11720] [U] [ 390.175231][T11720] [U] [ 390.175455][T11720] [U] [ 390.175505][T11720] [U] [ 390.175555][T11720] [U] [ 390.175604][T11720] [U] [ 390.175920][T11720] [U] [ 390.175970][T11720] [U] [ 390.176019][T11720] [U] [ 390.176069][T11720] [U] [ 390.176298][T11720] [U] [ 390.176347][T11720] [U] [ 390.176396][T11720] [U] [ 390.176445][T11720] [U] [ 390.176749][T11720] [U] [ 390.176800][T11720] [U] [ 390.176849][T11720] [U] [ 390.176898][T11720] [U] [ 390.182615][T11720] [U] [ 390.182677][T11720] [U] [ 390.182738][T11720] [U] [ 390.182788][T11720] [U] [ 390.183199][T11723] [U] [ 391.599090][T11755] FAULT_INJECTION: forcing a failure. [ 391.599090][T11755] name failslab, interval 1, probability 0, space 0, times 0 [ 391.616173][T11755] CPU: 1 UID: 0 PID: 11755 Comm: syz.0.2173 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 391.616233][T11755] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 391.616246][T11755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 391.616264][T11755] Call Trace: [ 391.616274][T11755] [ 391.616286][T11755] dump_stack_lvl+0x16c/0x1f0 [ 391.616336][T11755] should_fail_ex+0x512/0x640 [ 391.616364][T11755] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 391.616409][T11755] should_failslab+0xc2/0x120 [ 391.616447][T11755] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 391.616486][T11755] ? devinet_init_net+0x9c/0x910 [ 391.616518][T11755] ? __pfx_devinet_init_net+0x10/0x10 [ 391.616548][T11755] kmemdup_noprof+0x29/0x60 [ 391.616583][T11755] devinet_init_net+0x9c/0x910 [ 391.616615][T11755] ? __pfx_devinet_init_net+0x10/0x10 [ 391.616644][T11755] ops_init+0x1e2/0x5f0 [ 391.616694][T11755] setup_net+0x10f/0x380 [ 391.616733][T11755] ? lockdep_init_map_type+0x5c/0x280 [ 391.616774][T11755] ? __pfx_setup_net+0x10/0x10 [ 391.616821][T11755] ? debug_mutex_init+0x37/0x70 [ 391.616875][T11755] copy_net_ns+0x2a6/0x5f0 [ 391.616908][T11755] create_new_namespaces+0x3ea/0xa90 [ 391.616961][T11755] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 391.617000][T11755] ksys_unshare+0x45b/0xa40 [ 391.617041][T11755] ? __pfx_ksys_unshare+0x10/0x10 [ 391.617084][T11755] ? xfd_validate_state+0x61/0x180 [ 391.617142][T11755] __x64_sys_unshare+0x31/0x40 [ 391.617181][T11755] do_syscall_64+0xcd/0x490 [ 391.617230][T11755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.617260][T11755] RIP: 0033:0x7fe53bf8eb69 [ 391.617285][T11755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.617313][T11755] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 391.617341][T11755] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 391.617360][T11755] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 391.617378][T11755] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 391.617395][T11755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 391.617412][T11755] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 391.617450][T11755] [ 392.210357][T11768] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.2178' sets config #32769 [ 392.292465][T11770] FAULT_INJECTION: forcing a failure. [ 392.292465][T11770] name failslab, interval 1, probability 0, space 0, times 0 [ 392.317178][T11770] CPU: 1 UID: 0 PID: 11770 Comm: syz.1.2179 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 392.317236][T11770] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 392.317250][T11770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 392.317267][T11770] Call Trace: [ 392.317277][T11770] [ 392.317289][T11770] dump_stack_lvl+0x16c/0x1f0 [ 392.317333][T11770] should_fail_ex+0x512/0x640 [ 392.317358][T11770] ? fs_reclaim_acquire+0xae/0x150 [ 392.317403][T11770] should_failslab+0xc2/0x120 [ 392.317442][T11770] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 392.317477][T11770] ? security_inode_alloc+0x3b/0x2b0 [ 392.317527][T11770] security_inode_alloc+0x3b/0x2b0 [ 392.317575][T11770] inode_init_always_gfp+0xce4/0x1030 [ 392.317613][T11770] alloc_inode+0x86/0x240 [ 392.317653][T11770] new_inode+0x22/0x1c0 [ 392.317695][T11770] shmem_get_inode+0x19a/0xfb0 [ 392.317748][T11770] shmem_tmpfile+0x58/0x180 [ 392.317794][T11770] vfs_tmpfile+0x2bb/0x890 [ 392.317834][T11770] path_openat+0x1683/0x2cb0 [ 392.317864][T11770] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.317910][T11770] ? __pfx_path_openat+0x10/0x10 [ 392.317966][T11770] do_filp_open+0x20b/0x470 [ 392.317999][T11770] ? __pfx_do_filp_open+0x10/0x10 [ 392.318064][T11770] ? _raw_spin_unlock+0x28/0x50 [ 392.318101][T11770] ? alloc_fd+0x471/0x7d0 [ 392.318143][T11770] do_sys_openat2+0x11b/0x1d0 [ 392.318187][T11770] ? __pfx_do_sys_openat2+0x10/0x10 [ 392.318246][T11770] __x64_sys_open+0x153/0x1e0 [ 392.318290][T11770] ? __pfx___x64_sys_open+0x10/0x10 [ 392.318343][T11770] ? rcu_is_watching+0x12/0xc0 [ 392.318376][T11770] do_syscall_64+0xcd/0x490 [ 392.318421][T11770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.318449][T11770] RIP: 0033:0x7ff1b918eb69 [ 392.318473][T11770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.318500][T11770] RSP: 002b:00007ff1ba008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 392.318535][T11770] RAX: ffffffffffffffda RBX: 00007ff1b93b5fa0 RCX: 00007ff1b918eb69 [ 392.318553][T11770] RDX: 000000000000008f RSI: 0000000000470181 RDI: 00002000000000c0 [ 392.318571][T11770] RBP: 00007ff1b9211df1 R08: 0000000000000000 R09: 0000000000000000 [ 392.318588][T11770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.318604][T11770] R13: 0000000000000000 R14: 00007ff1b93b5fa0 R15: 00007fff2035c978 [ 392.318648][T11770] [ 393.119792][T11788] FAULT_INJECTION: forcing a failure. [ 393.119792][T11788] name failslab, interval 1, probability 0, space 0, times 0 [ 393.153192][T11788] CPU: 1 UID: 0 PID: 11788 Comm: syz.1.2188 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 393.153250][T11788] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 393.153262][T11788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.153277][T11788] Call Trace: [ 393.153287][T11788] [ 393.153299][T11788] dump_stack_lvl+0x16c/0x1f0 [ 393.153344][T11788] should_fail_ex+0x512/0x640 [ 393.153371][T11788] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 393.153406][T11788] should_failslab+0xc2/0x120 [ 393.153444][T11788] __kmalloc_cache_noprof+0x6a/0x3e0 [ 393.153473][T11788] ? devinet_init_net+0x56/0x910 [ 393.153504][T11788] ? __pfx_devinet_init_net+0x10/0x10 [ 393.153534][T11788] devinet_init_net+0x56/0x910 [ 393.153565][T11788] ? __pfx_devinet_init_net+0x10/0x10 [ 393.153594][T11788] ops_init+0x1e2/0x5f0 [ 393.153654][T11788] setup_net+0x10f/0x380 [ 393.153695][T11788] ? lockdep_init_map_type+0x5c/0x280 [ 393.153736][T11788] ? __pfx_setup_net+0x10/0x10 [ 393.153783][T11788] ? debug_mutex_init+0x37/0x70 [ 393.153839][T11788] copy_net_ns+0x2a6/0x5f0 [ 393.153874][T11788] create_new_namespaces+0x3ea/0xa90 [ 393.153918][T11788] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 393.153955][T11788] ksys_unshare+0x45b/0xa40 [ 393.153990][T11788] ? __pfx_ksys_unshare+0x10/0x10 [ 393.154028][T11788] ? xfd_validate_state+0x61/0x180 [ 393.154084][T11788] __x64_sys_unshare+0x31/0x40 [ 393.154124][T11788] do_syscall_64+0xcd/0x490 [ 393.154171][T11788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.154201][T11788] RIP: 0033:0x7ff1b918eb69 [ 393.154225][T11788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.154254][T11788] RSP: 002b:00007ff1ba008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 393.154283][T11788] RAX: ffffffffffffffda RBX: 00007ff1b93b5fa0 RCX: 00007ff1b918eb69 [ 393.154302][T11788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 393.154320][T11788] RBP: 00007ff1b9211df1 R08: 0000000000000000 R09: 0000000000000000 [ 393.154338][T11788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.154355][T11788] R13: 0000000000000000 R14: 00007ff1b93b5fa0 R15: 00007fff2035c978 [ 393.154395][T11788] [ 393.805110][T11803] netlink: 'syz.2.2194': attribute type 4 has an invalid length. [ 393.823755][T11803] netlink: 314 bytes leftover after parsing attributes in process `syz.2.2194'. [ 393.905671][T11805] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2195'. [ 394.122348][T11813] ovs_: entered promiscuous mode [ 394.285394][T11820] FAULT_INJECTION: forcing a failure. [ 394.285394][T11820] name failslab, interval 1, probability 0, space 0, times 0 [ 394.291361][T11819] FAULT_INJECTION: forcing a failure. [ 394.291361][T11819] name failslab, interval 1, probability 0, space 0, times 0 [ 394.329403][T11819] CPU: 0 UID: 0 PID: 11819 Comm: syz.0.2210 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 394.329461][T11819] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 394.329474][T11819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 394.329493][T11819] Call Trace: [ 394.329503][T11819] [ 394.329514][T11819] dump_stack_lvl+0x16c/0x1f0 [ 394.329564][T11819] should_fail_ex+0x512/0x640 [ 394.329592][T11819] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 394.329635][T11819] should_failslab+0xc2/0x120 [ 394.329672][T11819] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 394.329709][T11819] ? trace_kmem_cache_alloc+0x28/0xc0 [ 394.329749][T11819] ? key_alloc+0x43e/0x1330 [ 394.329787][T11819] kmemdup_noprof+0x29/0x60 [ 394.329822][T11819] key_alloc+0x43e/0x1330 [ 394.329867][T11819] ? __pfx_key_alloc+0x10/0x10 [ 394.329919][T11819] keyring_alloc+0x44/0xc0 [ 394.329960][T11819] install_session_keyring_to_cred+0x190/0x230 [ 394.330015][T11819] join_session_keyring+0x1b8/0x340 [ 394.330047][T11819] lookup_user_key+0x576/0x1300 [ 394.330082][T11819] ? __pfx_lookup_user_key+0x10/0x10 [ 394.330114][T11819] ? __pfx_do_futex+0x10/0x10 [ 394.330158][T11819] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 394.330217][T11819] ? __fget_files+0x20e/0x3c0 [ 394.330256][T11819] keyctl_keyring_move+0xb4/0x150 [ 394.330302][T11819] __do_sys_keyctl+0x171/0x590 [ 394.330350][T11819] do_syscall_64+0xcd/0x490 [ 394.330398][T11819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.330427][T11819] RIP: 0033:0x7fe53bf8eb69 [ 394.330451][T11819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.330480][T11819] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 394.330510][T11819] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 394.330529][T11819] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 000000000000001e [ 394.330547][T11819] RBP: 00007fe53c011df1 R08: 0000000000000001 R09: 0000000000000000 [ 394.330565][T11819] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 394.330582][T11819] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 394.330622][T11819] [ 394.355760][T11820] CPU: 1 UID: 0 PID: 11820 Comm: syz.2.2202 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 394.355899][T11820] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 394.355911][T11820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 394.355927][T11820] Call Trace: [ 394.355939][T11820] [ 394.355951][T11820] dump_stack_lvl+0x16c/0x1f0 [ 394.356014][T11820] should_fail_ex+0x512/0x640 [ 394.356038][T11820] ? __kmalloc_noprof+0xbf/0x510 [ 394.356072][T11820] ? __register_sysctl_table+0xea2/0x1900 [ 394.356108][T11820] should_failslab+0xc2/0x120 [ 394.356149][T11820] __kmalloc_noprof+0xd2/0x510 [ 394.356182][T11820] ? __register_sysctl_table+0xe8e/0x1900 [ 394.356225][T11820] __register_sysctl_table+0xea2/0x1900 [ 394.356271][T11820] ? __pfx___register_sysctl_table+0x10/0x10 [ 394.356304][T11820] ? is_module_address+0x69/0xf0 [ 394.356339][T11820] ? register_net_sysctl_sz+0x228/0x3e0 [ 394.356380][T11820] ? __asan_memcpy+0x3c/0x60 [ 394.356408][T11820] sysctl_core_net_init+0xe3/0x280 [ 394.356442][T11820] ? __pfx_sysctl_core_net_init+0x10/0x10 [ 394.356471][T11820] ops_init+0x1e2/0x5f0 [ 394.356513][T11820] setup_net+0x10f/0x380 [ 394.356546][T11820] ? lockdep_init_map_type+0x5c/0x280 [ 394.356582][T11820] ? __pfx_setup_net+0x10/0x10 [ 394.356622][T11820] ? debug_mutex_init+0x37/0x70 [ 394.356667][T11820] copy_net_ns+0x2a6/0x5f0 [ 394.356696][T11820] create_new_namespaces+0x3ea/0xa90 [ 394.356735][T11820] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 394.356767][T11820] ksys_unshare+0x45b/0xa40 [ 394.356811][T11820] ? __pfx_ksys_unshare+0x10/0x10 [ 394.356847][T11820] ? xfd_validate_state+0x61/0x180 [ 394.356899][T11820] __x64_sys_unshare+0x31/0x40 [ 394.356932][T11820] do_syscall_64+0xcd/0x490 [ 394.357066][T11820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.357096][T11820] RIP: 0033:0x7fa7f498eb69 [ 394.357120][T11820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.357146][T11820] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 394.357172][T11820] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 394.357190][T11820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 394.357206][T11820] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 394.357221][T11820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 394.357236][T11820] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 394.357270][T11820] [ 394.369607][T11820] sysctl could not get directory: /net/core -12 [ 395.161432][T11838] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2206'. [ 395.164531][T11834] FAULT_INJECTION: forcing a failure. [ 395.164531][T11834] name failslab, interval 1, probability 0, space 0, times 0 [ 395.197200][T11834] CPU: 1 UID: 0 PID: 11834 Comm: syz.0.2205 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 395.197253][T11834] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 395.197265][T11834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 395.197281][T11834] Call Trace: [ 395.197291][T11834] [ 395.197301][T11834] dump_stack_lvl+0x16c/0x1f0 [ 395.197345][T11834] should_fail_ex+0x512/0x640 [ 395.197372][T11834] ? __kmalloc_noprof+0xbf/0x510 [ 395.197407][T11834] ? nfc_llcp_build_tlv+0xfd/0x230 [ 395.197446][T11834] should_failslab+0xc2/0x120 [ 395.197484][T11834] __kmalloc_noprof+0xd2/0x510 [ 395.197525][T11834] nfc_llcp_build_tlv+0xfd/0x230 [ 395.197570][T11834] nfc_llcp_build_gb.isra.0+0x11e/0x400 [ 395.197611][T11834] ? __pfx_nfc_llcp_build_gb.isra.0+0x10/0x10 [ 395.197668][T11834] ? nfc_llcp_sdreq_timeout_work+0x370/0x560 [ 395.197708][T11834] ? lockdep_init_map_type+0x5c/0x280 [ 395.197753][T11834] nfc_llcp_register_device+0x600/0xa60 [ 395.197795][T11834] nfc_register_device+0x6d/0x3c0 [ 395.197841][T11834] nci_register_device+0x7f1/0xb80 [ 395.197877][T11834] ? __pfx_nci_register_device+0x10/0x10 [ 395.197916][T11834] ? lockdep_init_map_type+0x5c/0x280 [ 395.197962][T11834] virtual_ncidev_open+0x141/0x220 [ 395.198011][T11834] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 395.198048][T11834] misc_open+0x35a/0x420 [ 395.198085][T11834] ? __pfx_misc_open+0x10/0x10 [ 395.198120][T11834] chrdev_open+0x231/0x6a0 [ 395.198154][T11834] ? __pfx_apparmor_file_open+0x10/0x10 [ 395.198185][T11834] ? __pfx_chrdev_open+0x10/0x10 [ 395.198227][T11834] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 395.198265][T11834] do_dentry_open+0x97f/0x1530 [ 395.198298][T11834] ? __pfx_chrdev_open+0x10/0x10 [ 395.198342][T11834] vfs_open+0x82/0x3f0 [ 395.198387][T11834] path_openat+0x1de4/0x2cb0 [ 395.198433][T11834] ? __pfx_path_openat+0x10/0x10 [ 395.198468][T11834] ? __lock_acquire+0xb8a/0x1c90 [ 395.198510][T11834] do_filp_open+0x20b/0x470 [ 395.198540][T11834] ? __pfx_do_filp_open+0x10/0x10 [ 395.198603][T11834] ? alloc_fd+0x471/0x7d0 [ 395.198643][T11834] do_sys_openat2+0x11b/0x1d0 [ 395.198691][T11834] ? __pfx_do_sys_openat2+0x10/0x10 [ 395.198748][T11834] __x64_sys_openat+0x174/0x210 [ 395.198792][T11834] ? __pfx___x64_sys_openat+0x10/0x10 [ 395.198849][T11834] do_syscall_64+0xcd/0x490 [ 395.198889][T11834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.198916][T11834] RIP: 0033:0x7fe53bf8eb69 [ 395.198939][T11834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.198966][T11834] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 395.198991][T11834] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 395.199008][T11834] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 395.199025][T11834] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 395.199041][T11834] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000000 [ 395.199057][T11834] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 395.199096][T11834] [ 395.704238][T11841] FAULT_INJECTION: forcing a failure. [ 395.704238][T11841] name failslab, interval 1, probability 0, space 0, times 0 [ 395.718609][T11841] CPU: 1 UID: 0 PID: 11841 Comm: syz.2.2207 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 395.718721][T11841] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 395.718728][T11841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 395.718738][T11841] Call Trace: [ 395.718746][T11841] [ 395.718753][T11841] dump_stack_lvl+0x16c/0x1f0 [ 395.718784][T11841] should_fail_ex+0x512/0x640 [ 395.718801][T11841] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 395.718823][T11841] should_failslab+0xc2/0x120 [ 395.718849][T11841] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 395.718868][T11841] ? mas_alloc_nodes+0x18b/0x8b0 [ 395.718896][T11841] mas_alloc_nodes+0x18b/0x8b0 [ 395.718921][T11841] mas_node_count_gfp+0x105/0x130 [ 395.718945][T11841] mas_preallocate+0x7e0/0xde0 [ 395.718965][T11841] ? __pfx_mas_preallocate+0x10/0x10 [ 395.718990][T11841] ? __pfx___might_resched+0x10/0x10 [ 395.719009][T11841] vma_link+0x135/0x6a0 [ 395.719027][T11841] ? anon_vma_clone+0x3fe/0x5c0 [ 395.719044][T11841] ? __pfx_vma_link+0x10/0x10 [ 395.719066][T11841] ? anon_vma_clone+0x405/0x5c0 [ 395.719087][T11841] copy_vma+0x6c2/0xaa0 [ 395.719108][T11841] ? __pfx_copy_vma+0x10/0x10 [ 395.719143][T11841] ? rcu_is_watching+0x12/0xc0 [ 395.719159][T11841] ? finish_task_switch.isra.0+0x221/0xc10 [ 395.719179][T11841] copy_vma_and_data+0x1cf/0x790 [ 395.719203][T11841] ? __pfx_copy_vma_and_data+0x10/0x10 [ 395.719228][T11841] ? __vma_enter_locked+0x163/0x3f0 [ 395.719245][T11841] ? find_held_lock+0x2b/0x80 [ 395.719262][T11841] ? move_vma+0x536/0x1780 [ 395.719277][T11841] ? __vm_enough_memory+0x184/0x3f0 [ 395.719304][T11841] move_vma+0x548/0x1780 [ 395.719325][T11841] ? __pfx_move_vma+0x10/0x10 [ 395.719345][T11841] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 395.719370][T11841] ? cap_mmap_addr+0x4b/0x120 [ 395.719393][T11841] ? bpf_lsm_mmap_addr+0x9/0x10 [ 395.719415][T11841] ? security_mmap_addr+0x6c/0x1e0 [ 395.719433][T11841] ? __get_unmapped_area+0x267/0x440 [ 395.719458][T11841] ? vrm_set_new_addr+0x208/0x290 [ 395.719476][T11841] mremap_to+0x1b7/0x450 [ 395.719495][T11841] do_mremap+0x1004/0x1f80 [ 395.719522][T11841] ? __pfx_do_mremap+0x10/0x10 [ 395.719545][T11841] ? up_write+0x1b2/0x520 [ 395.719573][T11841] __do_sys_mremap+0x119/0x170 [ 395.719590][T11841] ? __pfx___do_sys_mremap+0x10/0x10 [ 395.719614][T11841] ? __x64_sys_futex+0x1e0/0x4c0 [ 395.719656][T11841] do_syscall_64+0xcd/0x490 [ 395.719684][T11841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.719702][T11841] RIP: 0033:0x7fa7f498eb69 [ 395.719718][T11841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.719734][T11841] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 395.719751][T11841] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 395.719762][T11841] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 395.719771][T11841] RBP: 00007fa7f4a11df1 R08: 00007effffffb000 R09: 0000000000000000 [ 395.719780][T11841] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 395.719790][T11841] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 395.719815][T11841] [ 397.141361][T11877] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2219'. [ 398.349408][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 398.567867][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 398.583868][T11902] FAULT_INJECTION: forcing a failure. [ 398.583868][T11902] name failslab, interval 1, probability 0, space 0, times 0 [ 398.620037][T11902] CPU: 0 UID: 0 PID: 11902 Comm: syz.0.2234 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 398.620072][T11902] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 398.620079][T11902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 398.620089][T11902] Call Trace: [ 398.620095][T11902] [ 398.620102][T11902] dump_stack_lvl+0x16c/0x1f0 [ 398.620132][T11902] should_fail_ex+0x512/0x640 [ 398.620149][T11902] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 398.620172][T11902] should_failslab+0xc2/0x120 [ 398.620195][T11902] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 398.620215][T11902] ? mas_alloc_nodes+0x18b/0x8b0 [ 398.620239][T11902] mas_alloc_nodes+0x18b/0x8b0 [ 398.620264][T11902] mas_node_count_gfp+0x105/0x130 [ 398.620288][T11902] mas_preallocate+0x7e0/0xde0 [ 398.620308][T11902] ? __pfx_mas_preallocate+0x10/0x10 [ 398.620332][T11902] ? __pfx___might_resched+0x10/0x10 [ 398.620352][T11902] vma_link+0x135/0x6a0 [ 398.620369][T11902] ? anon_vma_clone+0x3fe/0x5c0 [ 398.620386][T11902] ? __pfx_vma_link+0x10/0x10 [ 398.620409][T11902] ? anon_vma_clone+0x405/0x5c0 [ 398.620430][T11902] copy_vma+0x6c2/0xaa0 [ 398.620452][T11902] ? __pfx_copy_vma+0x10/0x10 [ 398.620486][T11902] ? rcu_is_watching+0x12/0xc0 [ 398.620502][T11902] ? finish_task_switch.isra.0+0x221/0xc10 [ 398.620522][T11902] copy_vma_and_data+0x1cf/0x790 [ 398.620542][T11902] ? __pfx_copy_vma_and_data+0x10/0x10 [ 398.620565][T11902] ? __vma_enter_locked+0x163/0x3f0 [ 398.620583][T11902] ? find_held_lock+0x2b/0x80 [ 398.620599][T11902] ? move_vma+0x536/0x1780 [ 398.620614][T11902] ? __vm_enough_memory+0x184/0x3f0 [ 398.620644][T11902] move_vma+0x548/0x1780 [ 398.620665][T11902] ? __pfx_move_vma+0x10/0x10 [ 398.620685][T11902] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 398.620708][T11902] ? cap_mmap_addr+0x4b/0x120 [ 398.620731][T11902] ? bpf_lsm_mmap_addr+0x9/0x10 [ 398.620753][T11902] ? security_mmap_addr+0x6c/0x1e0 [ 398.620771][T11902] ? __get_unmapped_area+0x267/0x440 [ 398.620795][T11902] ? vrm_set_new_addr+0x208/0x290 [ 398.620814][T11902] mremap_to+0x1b7/0x450 [ 398.620833][T11902] do_mremap+0x1004/0x1f80 [ 398.620860][T11902] ? __pfx_do_mremap+0x10/0x10 [ 398.620890][T11902] ? up_write+0x1b2/0x520 [ 398.620918][T11902] __do_sys_mremap+0x119/0x170 [ 398.620935][T11902] ? __pfx___do_sys_mremap+0x10/0x10 [ 398.620959][T11902] ? __x64_sys_futex+0x1e0/0x4c0 [ 398.620994][T11902] do_syscall_64+0xcd/0x490 [ 398.621021][T11902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.621038][T11902] RIP: 0033:0x7fe53bf8eb69 [ 398.621052][T11902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.621068][T11902] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 398.621085][T11902] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 398.621096][T11902] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 398.621105][T11902] RBP: 00007fe53c011df1 R08: 00007effffffb000 R09: 0000000000000000 [ 398.621115][T11902] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 398.621124][T11902] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 398.621145][T11902] [ 399.989622][T11927] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2231'. [ 400.250992][T11929] workqueue: max_active 393216 requested for writeback is out of range, clamping between 1 and 2048 [ 400.298809][T11939] netlink: 'syz.0.2238': attribute type 4 has an invalid length. [ 401.061099][T11954] Process accounting resumed [ 402.503286][T11994] FAULT_INJECTION: forcing a failure. [ 402.503286][T11994] name failslab, interval 1, probability 0, space 0, times 0 [ 402.526959][T11994] CPU: 0 UID: 0 PID: 11994 Comm: syz.2.2258 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 402.527020][T11994] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 402.527030][T11994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 402.527053][T11994] Call Trace: [ 402.527062][T11994] [ 402.527071][T11994] dump_stack_lvl+0x16c/0x1f0 [ 402.527113][T11994] should_fail_ex+0x512/0x640 [ 402.527135][T11994] ? fs_reclaim_acquire+0xae/0x150 [ 402.527172][T11994] ? tomoyo_init_log+0x1385/0x2140 [ 402.527197][T11994] should_failslab+0xc2/0x120 [ 402.527230][T11994] __kmalloc_noprof+0xd2/0x510 [ 402.527256][T11994] ? __pfx_from_kuid+0x10/0x10 [ 402.527296][T11994] tomoyo_init_log+0x1385/0x2140 [ 402.527341][T11994] ? __pfx_tomoyo_init_log+0x10/0x10 [ 402.527366][T11994] ? tomoyo_profile+0x47/0x60 [ 402.527394][T11994] ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0 [ 402.527438][T11994] tomoyo_supervisor+0x302/0x13b0 [ 402.527474][T11994] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 402.527502][T11994] ? __pfx_vsnprintf+0x10/0x10 [ 402.527550][T11994] ? tomoyo_encode2+0x329/0x3e0 [ 402.527595][T11994] tomoyo_path_number_perm+0x448/0x580 [ 402.527636][T11994] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 402.527694][T11994] ? find_held_lock+0x2b/0x80 [ 402.527717][T11994] ? hook_file_ioctl_common+0x145/0x410 [ 402.527760][T11994] ? __fget_files+0x20e/0x3c0 [ 402.527790][T11994] security_file_ioctl+0x9b/0x240 [ 402.527816][T11994] __x64_sys_ioctl+0xb7/0x210 [ 402.527854][T11994] do_syscall_64+0xcd/0x490 [ 402.527889][T11994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.527912][T11994] RIP: 0033:0x7fa7f498eb69 [ 402.527930][T11994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.527952][T11994] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 402.527975][T11994] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 402.527990][T11994] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000004 [ 402.528004][T11994] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 402.528018][T11994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.528030][T11994] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 402.528061][T11994] [ 403.329808][T12011] sock: sock_timestamping_bind_phc: sock not bind to device [ 403.571220][T12013] vhci_hcd: not connected 4 [ 404.386355][T12040] FAULT_INJECTION: forcing a failure. [ 404.386355][T12040] name failslab, interval 1, probability 0, space 0, times 0 [ 404.405260][T12040] CPU: 1 UID: 0 PID: 12040 Comm: syz.2.2278 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 404.405320][T12040] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 404.405334][T12040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 404.405352][T12040] Call Trace: [ 404.405364][T12040] [ 404.405376][T12040] dump_stack_lvl+0x16c/0x1f0 [ 404.405427][T12040] should_fail_ex+0x512/0x640 [ 404.405456][T12040] ? fs_reclaim_acquire+0xae/0x150 [ 404.405507][T12040] should_failslab+0xc2/0x120 [ 404.405568][T12040] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 404.405618][T12040] ? __pfx___mutex_trylock_common+0x10/0x10 [ 404.405659][T12040] ? kstrdup_const+0x63/0x80 [ 404.405703][T12040] kstrdup+0x53/0x100 [ 404.405740][T12040] kstrdup_const+0x63/0x80 [ 404.405776][T12040] __kernfs_new_node+0x9b/0x8e0 [ 404.405820][T12040] ? __pfx___kernfs_new_node+0x10/0x10 [ 404.405866][T12040] ? find_held_lock+0x2b/0x80 [ 404.405895][T12040] ? kernfs_root+0xee/0x2a0 [ 404.405957][T12040] kernfs_new_node+0x13c/0x1e0 [ 404.406006][T12040] kernfs_create_link+0xcc/0x240 [ 404.406037][T12040] sysfs_do_create_link_sd+0x90/0x140 [ 404.406075][T12040] sysfs_create_link+0x61/0xc0 [ 404.406106][T12040] __add_disk+0x61e/0xf00 [ 404.406159][T12040] add_disk_fwnode+0x13f/0x5d0 [ 404.406206][T12040] loop_add+0x903/0xb70 [ 404.406243][T12040] ? __pfx_loop_add+0x10/0x10 [ 404.406314][T12040] ? find_held_lock+0x2b/0x80 [ 404.406349][T12040] loop_control_ioctl+0x13e/0x630 [ 404.406388][T12040] ? __pfx_loop_control_ioctl+0x10/0x10 [ 404.406434][T12040] ? __pfx_loop_control_ioctl+0x10/0x10 [ 404.406474][T12040] __x64_sys_ioctl+0x18b/0x210 [ 404.406522][T12040] do_syscall_64+0xcd/0x490 [ 404.406568][T12040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.406598][T12040] RIP: 0033:0x7fa7f498eb69 [ 404.406633][T12040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 404.406661][T12040] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 404.406689][T12040] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 404.406709][T12040] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 404.406727][T12040] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 404.406745][T12040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.406762][T12040] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 404.406804][T12040] [ 404.679673][ C1] vkms_vblank_simulate: vblank timer overrun [ 406.875088][T12098] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 407.098782][T12103] netlink: 'syz.2.2303': attribute type 4 has an invalid length. [ 407.119121][T12103] netlink: 314 bytes leftover after parsing attributes in process `syz.2.2303'. [ 407.971354][T12128] FAULT_INJECTION: forcing a failure. [ 407.971354][T12128] name failslab, interval 1, probability 0, space 0, times 0 [ 408.012750][T12128] CPU: 1 UID: 0 PID: 12128 Comm: syz.1.2321 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 408.012804][T12128] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 408.012828][T12128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 408.012847][T12128] Call Trace: [ 408.012857][T12128] [ 408.012868][T12128] dump_stack_lvl+0x16c/0x1f0 [ 408.012914][T12128] should_fail_ex+0x512/0x640 [ 408.012943][T12128] ? __kmalloc_noprof+0xbf/0x510 [ 408.012976][T12128] ? __seq_open_private+0x22/0xd0 [ 408.013017][T12128] should_failslab+0xc2/0x120 [ 408.013056][T12128] __kmalloc_noprof+0xd2/0x510 [ 408.013087][T12128] ? __debugfs_file_get+0x1fe/0x840 [ 408.013134][T12128] ? __pfx_nst_fop_open+0x10/0x10 [ 408.013169][T12128] __seq_open_private+0x22/0xd0 [ 408.013215][T12128] nst_fop_open+0x24/0x120 [ 408.013251][T12128] full_proxy_open_regular+0x1b9/0x360 [ 408.013298][T12128] do_dentry_open+0x97f/0x1530 [ 408.013331][T12128] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 408.013382][T12128] vfs_open+0x82/0x3f0 [ 408.013429][T12128] path_openat+0x1de4/0x2cb0 [ 408.013478][T12128] ? __pfx_path_openat+0x10/0x10 [ 408.013515][T12128] ? __lock_acquire+0xb8a/0x1c90 [ 408.013561][T12128] do_filp_open+0x20b/0x470 [ 408.013587][T12128] ? __pfx_do_filp_open+0x10/0x10 [ 408.013641][T12128] ? alloc_fd+0x471/0x7d0 [ 408.013677][T12128] do_sys_openat2+0x11b/0x1d0 [ 408.013714][T12128] ? __pfx_do_sys_openat2+0x10/0x10 [ 408.013775][T12128] __x64_sys_openat+0x174/0x210 [ 408.013829][T12128] ? __pfx___x64_sys_openat+0x10/0x10 [ 408.013887][T12128] do_syscall_64+0xcd/0x490 [ 408.013929][T12128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.013959][T12128] RIP: 0033:0x7ff1b918eb69 [ 408.013983][T12128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.014010][T12128] RSP: 002b:00007ff1ba008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 408.014039][T12128] RAX: ffffffffffffffda RBX: 00007ff1b93b5fa0 RCX: 00007ff1b918eb69 [ 408.014059][T12128] RDX: 0000000000101080 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 408.014078][T12128] RBP: 00007ff1b9211df1 R08: 0000000000000000 R09: 0000000000000000 [ 408.014096][T12128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 408.014113][T12128] R13: 0000000000000000 R14: 00007ff1b93b5fa0 R15: 00007fff2035c978 [ 408.014151][T12128] [ 408.536146][T12134] __vm_enough_memory: pid: 12134, comm: syz.1.2314, bytes: 4398046511104 not enough memory for the allocation [ 409.246939][T12145] workqueue: max_active 393216 requested for writeback is out of range, clamping between 1 and 2048 [ 409.691788][T12161] serio: Serial port pty238 [ 409.707263][T12158] Invalid ELF header magic: != ELF [ 411.174974][T12194] serio: Serial port pty238 [ 411.222808][T12197] FAULT_INJECTION: forcing a failure. [ 411.222808][T12197] name failslab, interval 1, probability 0, space 0, times 0 [ 411.236382][T12197] CPU: 1 UID: 0 PID: 12197 Comm: syz.0.2337 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 411.236435][T12197] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 411.236446][T12197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 411.236462][T12197] Call Trace: [ 411.236471][T12197] [ 411.236482][T12197] dump_stack_lvl+0x16c/0x1f0 [ 411.236529][T12197] should_fail_ex+0x512/0x640 [ 411.236565][T12197] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 411.236600][T12197] ? __pfx_nst_fop_open+0x10/0x10 [ 411.236631][T12197] should_failslab+0xc2/0x120 [ 411.236663][T12197] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 411.236692][T12197] ? rcu_is_watching+0x12/0xc0 [ 411.236718][T12197] ? seq_open+0x55/0x170 [ 411.236760][T12197] ? __pfx_nst_fop_open+0x10/0x10 [ 411.236792][T12197] seq_open+0x55/0x170 [ 411.236830][T12197] __seq_open_private+0x3e/0xd0 [ 411.236873][T12197] nst_fop_open+0x24/0x120 [ 411.236903][T12197] full_proxy_open_regular+0x1b9/0x360 [ 411.236943][T12197] do_dentry_open+0x97f/0x1530 [ 411.236979][T12197] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 411.237030][T12197] vfs_open+0x82/0x3f0 [ 411.237074][T12197] path_openat+0x1de4/0x2cb0 [ 411.237118][T12197] ? __pfx_path_openat+0x10/0x10 [ 411.237151][T12197] ? __lock_acquire+0xb8a/0x1c90 [ 411.237191][T12197] do_filp_open+0x20b/0x470 [ 411.237223][T12197] ? __pfx_do_filp_open+0x10/0x10 [ 411.237286][T12197] ? alloc_fd+0x471/0x7d0 [ 411.237329][T12197] do_sys_openat2+0x11b/0x1d0 [ 411.237375][T12197] ? __pfx_do_sys_openat2+0x10/0x10 [ 411.237434][T12197] __x64_sys_openat+0x174/0x210 [ 411.237479][T12197] ? __pfx___x64_sys_openat+0x10/0x10 [ 411.237552][T12197] do_syscall_64+0xcd/0x490 [ 411.237599][T12197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.237628][T12197] RIP: 0033:0x7fe53bf8eb69 [ 411.237653][T12197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 411.237682][T12197] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 411.237711][T12197] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 411.237730][T12197] RDX: 0000000000101080 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 411.237749][T12197] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 411.237767][T12197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 411.237784][T12197] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 411.237825][T12197] [ 411.856748][T12207] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2341'. [ 411.954399][T12209] [U]  [ 411.957326][T12209] [U] [ 411.960229][T12209] [U] [ 411.963033][T12209] [U] [ 411.975438][T12209] [U] [ 411.978205][T12209] [U] [ 411.981096][T12209] [U] [ 411.984067][T12209] [U] [ 411.998997][T12209] [U] [ 412.002147][T12209] [U] [ 412.005763][T12209] [U] [ 412.009020][T12209] [U] [ 412.014925][T12209] [U] [ 412.018357][T12209] [U] [ 412.021383][T12209] [U] [ 412.024485][T12209] [U] [ 412.069550][T12211] [U] [ 412.242401][T12222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2349'. [ 412.256587][T12222] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2349'. [ 412.450598][T12220] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2347'. [ 412.480708][T12220] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2347'. [ 412.727721][T12239] [U]  [ 412.731013][T12239] [U] [ 412.733741][T12239] [U] [ 412.736551][T12239] [U] [ 412.759098][T12239] [U] [ 412.762594][T12239] [U] [ 412.765980][T12239] [U] [ 412.769384][T12233] Invalid ELF header magic: != ELF [ 412.776834][T12239] [U] [ 412.780094][ C1] vkms_vblank_simulate: vblank timer overrun [ 412.793817][T12239] [U] [ 412.796944][T12239] [U] [ 412.800147][T12239] [U] [ 412.811006][T12239] [U] [ 412.813985][ C1] vkms_vblank_simulate: vblank timer overrun [ 412.864750][T12239] [U] [ 412.868564][T12239] [U] [ 412.872924][T12239] [U] [ 412.876466][T12239] [U] [ 412.884107][T12239] [U] [ 412.887960][T12239] [U] [ 412.892188][T12239] [U] [ 412.896679][T12239] [U] [ 412.905907][T12239] [U] [ 412.909156][T12239] [U] [ 412.912800][T12239] [U] [ 412.916149][T12239] [U] [ 412.929878][T12245] [U] [ 413.604004][T12262] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2362'. [ 414.792790][T12286] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2378'. [ 414.882338][T12287] Invalid ELF header magic: != ELF [ 414.967327][T12291] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2371'. [ 415.354768][T12298] netlink: 266 bytes leftover after parsing attributes in process `syz.3.2376'. [ 415.366735][T12298] IPv6: NLM_F_CREATE should be specified when creating new route [ 416.211142][T12315] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2383'. [ 416.563176][ T30] audit: type=1800 audit(4294971654.719:8): pid=12327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2385" name="dbroot" dev="configfs" ino=39045 res=0 errno=0 [ 417.219633][T12342] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2392'. [ 418.341813][T12371] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2402'. [ 419.957409][T12391] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 420.059576][T12395] FAULT_INJECTION: forcing a failure. [ 420.059576][T12395] name failslab, interval 1, probability 0, space 0, times 0 [ 420.080437][T12395] CPU: 1 UID: 0 PID: 12395 Comm: syz.2.2411 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 420.080708][T12395] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 420.080859][T12395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 420.080880][T12395] Call Trace: [ 420.080893][T12395] [ 420.080905][T12395] dump_stack_lvl+0x16c/0x1f0 [ 420.080953][T12395] should_fail_ex+0x512/0x640 [ 420.080978][T12395] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 420.081016][T12395] should_failslab+0xc2/0x120 [ 420.081050][T12395] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 420.081082][T12395] ? __kernfs_new_node+0xd2/0x8e0 [ 420.081122][T12395] __kernfs_new_node+0xd2/0x8e0 [ 420.081188][T12395] ? __pfx___kernfs_new_node+0x10/0x10 [ 420.081234][T12395] ? find_held_lock+0x2b/0x80 [ 420.081264][T12395] ? kernfs_root+0xee/0x2a0 [ 420.081316][T12395] kernfs_new_node+0x13c/0x1e0 [ 420.081361][T12395] __kernfs_create_file+0x53/0x350 [ 420.081393][T12395] sysfs_add_file_mode_ns+0x207/0x3c0 [ 420.081435][T12395] internal_create_group+0x578/0xf30 [ 420.081536][T12395] ? __pfx_internal_create_group+0x10/0x10 [ 420.081574][T12395] ? kernfs_create_link+0x1bd/0x240 [ 420.081594][T12395] internal_create_groups+0x9d/0x150 [ 420.081628][T12395] device_add+0x77f/0x1a70 [ 420.081665][T12395] ? __pfx_device_add+0x10/0x10 [ 420.081698][T12395] ? lockdep_init_map_type+0x5c/0x280 [ 420.081738][T12395] ? __init_waitqueue_head+0xca/0x150 [ 420.081868][T12395] netdev_register_kobject+0x1a9/0x3d0 [ 420.081909][T12395] register_netdevice+0x13dc/0x2270 [ 420.081967][T12395] ? __pfx_register_netdevice+0x10/0x10 [ 420.082021][T12395] ppp_dev_configure+0xa1e/0xd40 [ 420.082071][T12395] ppp_ioctl+0x17e0/0x2660 [ 420.082116][T12395] ? find_held_lock+0x2b/0x80 [ 420.082143][T12395] ? __pfx_ppp_ioctl+0x10/0x10 [ 420.082190][T12395] ? __fget_files+0x20e/0x3c0 [ 420.082227][T12395] ? __pfx_ppp_ioctl+0x10/0x10 [ 420.082270][T12395] __x64_sys_ioctl+0x18b/0x210 [ 420.082317][T12395] do_syscall_64+0xcd/0x490 [ 420.082360][T12395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.082388][T12395] RIP: 0033:0x7fa7f498eb69 [ 420.082412][T12395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.082439][T12395] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 420.082464][T12395] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 420.082482][T12395] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005 [ 420.082499][T12395] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 420.082515][T12395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.082531][T12395] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 420.082573][T12395] [ 421.492788][T12421] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 422.247479][ T1168] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.359891][ T1168] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.507905][ T1168] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.572281][ T1168] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.738119][ T1168] bridge_slave_1: left allmulticast mode [ 422.745297][ T1168] bridge_slave_1: left promiscuous mode [ 422.751384][ T1168] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.764940][ T1168] bridge_slave_0: left allmulticast mode [ 422.771534][ T1168] bridge_slave_0: left promiscuous mode [ 422.778772][ T1168] bridge0: port 1(bridge_slave_0) entered disabled state [ 423.340041][ T1168]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 423.357780][ T1168]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 423.374187][ T1168]  (unregistering): Released all slaves [ 423.663289][ T1168] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 423.672209][ T1168] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 423.682091][ T1168] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 423.691794][ T1168] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 423.720671][ T1168] veth1_macvtap: left promiscuous mode [ 424.270605][ T1168] team0 (unregistering): Port device team_slave_1 removed [ 424.324277][ T1168] team0 (unregistering): Port device team_slave_0 removed [ 427.332282][ T5853] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 427.346706][ T5853] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 427.362659][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 427.389772][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 427.399460][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 427.947126][ T30] audit: type=1800 audit(4294971666.152:9): pid=12543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2434" name="dbroot" dev="configfs" ino=39581 res=0 errno=0 [ 428.067843][T12530] chnl_net:caif_netlink_parms(): no params data found [ 428.334141][T12545] binder: 12539:12545 ioctl c0306201 0 returned -14 [ 428.637746][T12561] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2438'. [ 428.842805][T12530] bridge0: port 1(bridge_slave_0) entered blocking state [ 428.852721][T12530] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.867244][T12530] bridge_slave_0: entered allmulticast mode [ 428.889356][T12530] bridge_slave_0: entered promiscuous mode [ 429.148057][T12530] bridge0: port 2(bridge_slave_1) entered blocking state [ 429.180159][T12530] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.201003][T12530] bridge_slave_1: entered allmulticast mode [ 429.227348][T12530] bridge_slave_1: entered promiscuous mode [ 429.442623][ T5849] Bluetooth: hci1: command tx timeout [ 429.560947][T12530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 429.588786][T12530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 429.765702][T12577] FAULT_INJECTION: forcing a failure. [ 429.765702][T12577] name failslab, interval 1, probability 0, space 0, times 0 [ 429.830700][T12577] CPU: 1 UID: 0 PID: 12577 Comm: syz.0.2443 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 429.830757][T12577] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 429.830768][T12577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 429.830783][T12577] Call Trace: [ 429.830793][T12577] [ 429.830803][T12577] dump_stack_lvl+0x16c/0x1f0 [ 429.830852][T12577] should_fail_ex+0x512/0x640 [ 429.830879][T12577] ? __kvmalloc_node_noprof+0x124/0x620 [ 429.830916][T12577] should_failslab+0xc2/0x120 [ 429.830952][T12577] __kvmalloc_node_noprof+0x137/0x620 [ 429.830983][T12577] ? lockdep_init_map_type+0x5c/0x280 [ 429.831022][T12577] ? __v4l2_subdev_state_alloc+0x1a7/0x400 [ 429.831064][T12577] ? __v4l2_subdev_state_alloc+0x1a7/0x400 [ 429.831096][T12577] __v4l2_subdev_state_alloc+0x1a7/0x400 [ 429.831133][T12577] subdev_open+0xa6/0x560 [ 429.831166][T12577] v4l2_open+0x225/0x490 [ 429.831204][T12577] ? __pfx_v4l2_open+0x10/0x10 [ 429.831241][T12577] chrdev_open+0x231/0x6a0 [ 429.831276][T12577] ? __pfx_apparmor_file_open+0x10/0x10 [ 429.831308][T12577] ? __pfx_chrdev_open+0x10/0x10 [ 429.831346][T12577] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 429.831384][T12577] do_dentry_open+0x97f/0x1530 [ 429.831418][T12577] ? __pfx_chrdev_open+0x10/0x10 [ 429.831461][T12577] vfs_open+0x82/0x3f0 [ 429.831517][T12577] path_openat+0x1de4/0x2cb0 [ 429.831565][T12577] ? __pfx_path_openat+0x10/0x10 [ 429.831600][T12577] ? __lock_acquire+0xb8a/0x1c90 [ 429.831642][T12577] do_filp_open+0x20b/0x470 [ 429.831676][T12577] ? __pfx_do_filp_open+0x10/0x10 [ 429.831743][T12577] ? alloc_fd+0x471/0x7d0 [ 429.831786][T12577] do_sys_openat2+0x11b/0x1d0 [ 429.831829][T12577] ? __pfx_do_sys_openat2+0x10/0x10 [ 429.831870][T12577] ? __fget_files+0x204/0x3c0 [ 429.831918][T12577] __x64_sys_openat+0x174/0x210 [ 429.831962][T12577] ? __pfx___x64_sys_openat+0x10/0x10 [ 429.832025][T12577] do_syscall_64+0xcd/0x490 [ 429.832071][T12577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.832101][T12577] RIP: 0033:0x7fe53bf8eb69 [ 429.832125][T12577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 429.832151][T12577] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 429.832180][T12577] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 429.832200][T12577] RDX: 0000000000080000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 429.832218][T12577] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 429.832235][T12577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 429.832252][T12577] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 429.832291][T12577] [ 430.442651][T12530] team0: Port device team_slave_0 added [ 430.644005][T12530] team0: Port device team_slave_1 added [ 430.803356][T12530] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 430.823555][T12530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 430.891426][T12530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 430.918424][T12530] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 430.940345][T12530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 431.002347][T12563] Process accounting paused [ 431.025794][T12530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 431.342804][T12530] hsr_slave_0: entered promiscuous mode [ 431.367229][T12530] hsr_slave_1: entered promiscuous mode [ 431.404201][T12530] debugfs: 'hsr0' already exists in 'hsr' [ 431.410504][T12530] Cannot create hsr debugfs directory [ 431.516448][ T5849] Bluetooth: hci1: command tx timeout [ 432.208035][T12614] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 433.583566][ T5849] Bluetooth: hci1: command tx timeout [ 433.902293][T12654] FAULT_INJECTION: forcing a failure. [ 433.902293][T12654] name failslab, interval 1, probability 0, space 0, times 0 [ 433.919008][T12654] CPU: 0 UID: 0 PID: 12654 Comm: syz.3.2460 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 433.919062][T12654] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 433.919074][T12654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 433.919091][T12654] Call Trace: [ 433.919102][T12654] [ 433.919113][T12654] dump_stack_lvl+0x16c/0x1f0 [ 433.919162][T12654] should_fail_ex+0x512/0x640 [ 433.919190][T12654] ? lock_acquire+0x179/0x350 [ 433.919231][T12654] should_failslab+0xc2/0x120 [ 433.919269][T12654] __kmalloc_cache_noprof+0x6a/0x3e0 [ 433.919294][T12654] ? tipc_service_create+0xb1/0x350 [ 433.919340][T12654] tipc_service_create+0xb1/0x350 [ 433.919379][T12654] ? tipc_service_find+0x161/0x1c0 [ 433.919417][T12654] tipc_nametbl_insert_publ+0xf78/0x1720 [ 433.919457][T12654] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 433.919491][T12654] ? net_generic+0xea/0x2a0 [ 433.919530][T12654] tipc_nametbl_publish+0x137/0x280 [ 433.919569][T12654] tipc_sk_publish+0x1d8/0x430 [ 433.919754][T12654] ? __pfx_tipc_sk_publish+0x10/0x10 [ 433.919806][T12654] ? __local_bh_enable_ip+0xa4/0x120 [ 433.919840][T12654] tipc_sk_bind+0x16f/0x380 [ 433.919883][T12654] tipc_bind+0x190/0x2a0 [ 433.919935][T12654] __sys_bind+0x1a7/0x260 [ 433.919972][T12654] ? __pfx___sys_bind+0x10/0x10 [ 433.920022][T12654] ? xfd_validate_state+0x61/0x180 [ 433.920061][T12654] ? __pfx_do_writev+0x10/0x10 [ 433.920099][T12654] __x64_sys_bind+0x72/0xb0 [ 433.920131][T12654] ? lockdep_hardirqs_on+0x7c/0x110 [ 433.920173][T12654] do_syscall_64+0xcd/0x490 [ 433.920220][T12654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.920253][T12654] RIP: 0033:0x7f6f51f8eb69 [ 433.920275][T12654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.920301][T12654] RSP: 002b:00007f6f52db9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 433.920331][T12654] RAX: ffffffffffffffda RBX: 00007f6f521b5fa0 RCX: 00007f6f51f8eb69 [ 433.920351][T12654] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000005 [ 433.920368][T12654] RBP: 00007f6f52011df1 R08: 0000000000000000 R09: 0000000000000000 [ 433.920385][T12654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.920400][T12654] R13: 0000000000000000 R14: 00007f6f521b5fa0 R15: 00007ffcd84ccda8 [ 433.920440][T12654] [ 433.920452][T12654] tipc: Service creation failed, no memory [ 433.937308][T12530] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 434.165869][ C1] vkms_vblank_simulate: vblank timer overrun [ 434.377656][T12530] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 434.445326][T12530] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 434.489727][T12530] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 434.594362][T12675] FAULT_INJECTION: forcing a failure. [ 434.594362][T12675] name failslab, interval 1, probability 0, space 0, times 0 [ 434.648520][T12675] CPU: 1 UID: 0 PID: 12675 Comm: syz.0.2464 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 434.648575][T12675] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 434.648588][T12675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 434.648606][T12675] Call Trace: [ 434.648616][T12675] [ 434.648627][T12675] dump_stack_lvl+0x16c/0x1f0 [ 434.648675][T12675] should_fail_ex+0x512/0x640 [ 434.648713][T12675] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 434.648758][T12675] should_failslab+0xc2/0x120 [ 434.648797][T12675] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 434.648833][T12675] ? copy_net_ns+0xe8/0x5f0 [ 434.648870][T12675] copy_net_ns+0xe8/0x5f0 [ 434.648896][T12675] ? copy_cgroup_ns+0x71/0x700 [ 434.648933][T12675] create_new_namespaces+0x3ea/0xa90 [ 434.648978][T12675] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 434.649018][T12675] ksys_unshare+0x45b/0xa40 [ 434.649061][T12675] ? __pfx_ksys_unshare+0x10/0x10 [ 434.649104][T12675] ? xfd_validate_state+0x61/0x180 [ 434.649162][T12675] __x64_sys_unshare+0x31/0x40 [ 434.649197][T12675] do_syscall_64+0xcd/0x490 [ 434.649240][T12675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.649268][T12675] RIP: 0033:0x7fe53bf8eb69 [ 434.649292][T12675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.649321][T12675] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 434.649348][T12675] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 434.649368][T12675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 434.649385][T12675] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 434.649401][T12675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.649418][T12675] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 434.649456][T12675] [ 434.887274][ C1] vkms_vblank_simulate: vblank timer overrun [ 435.236117][T12530] 8021q: adding VLAN 0 to HW filter on device bond0 [ 435.286745][T12687] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2466'. [ 435.321139][T12530] 8021q: adding VLAN 0 to HW filter on device team0 [ 435.390132][ T3001] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.399002][ T3001] bridge0: port 1(bridge_slave_0) entered forwarding state [ 435.509012][ T3001] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.517146][ T3001] bridge0: port 2(bridge_slave_1) entered forwarding state [ 435.654991][ T5849] Bluetooth: hci1: command tx timeout [ 435.746430][T12697] FAULT_INJECTION: forcing a failure. [ 435.746430][T12697] name failslab, interval 1, probability 0, space 0, times 0 [ 435.852349][T12697] CPU: 1 UID: 0 PID: 12697 Comm: syz.2.2468 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 435.852406][T12697] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 435.852430][T12697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 435.852447][T12697] Call Trace: [ 435.852456][T12697] [ 435.852468][T12697] dump_stack_lvl+0x16c/0x1f0 [ 435.852514][T12697] should_fail_ex+0x512/0x640 [ 435.852540][T12697] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 435.852578][T12697] should_failslab+0xc2/0x120 [ 435.852614][T12697] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 435.852644][T12697] ? __pfx___might_resched+0x10/0x10 [ 435.852670][T12697] ? pidfs_register_pid+0x93/0x1b0 [ 435.852714][T12697] pidfs_register_pid+0x93/0x1b0 [ 435.852753][T12697] unix_socketpair+0x126/0x860 [ 435.852791][T12697] ? bpf_lsm_socket_post_create+0x9/0x10 [ 435.852825][T12697] ? security_socket_post_create+0x21d/0x260 [ 435.852862][T12697] ? __pfx_unix_socketpair+0x10/0x10 [ 435.852902][T12697] ? __sock_create+0xa2/0x8d0 [ 435.852942][T12697] __sys_socketpair+0x2ef/0x5a0 [ 435.852976][T12697] ? __pfx___sys_socketpair+0x10/0x10 [ 435.853005][T12697] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 435.853046][T12697] ? xfd_validate_state+0x61/0x180 [ 435.853095][T12697] __x64_sys_socketpair+0x96/0x100 [ 435.853126][T12697] ? lockdep_hardirqs_on+0x7c/0x110 [ 435.853164][T12697] do_syscall_64+0xcd/0x490 [ 435.853209][T12697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.853245][T12697] RIP: 0033:0x7fa7f498eb69 [ 435.853269][T12697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 435.853298][T12697] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 435.853327][T12697] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 435.853346][T12697] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 435.853364][T12697] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 435.853381][T12697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 435.853398][T12697] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 435.853448][T12697] [ 436.117938][ C1] vkms_vblank_simulate: vblank timer overrun [ 436.729774][T12714] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2471'. [ 436.794797][T12714] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.038957][T12714] bridge_slave_1 (unregistering): left allmulticast mode [ 437.146317][T12714] bridge_slave_1 (unregistering): left promiscuous mode [ 437.186461][T12714] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.697284][ T30] audit: type=1804 audit(4294971675.928:10): pid=12735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2476" name="/newroot/377/file0" dev="tmpfs" ino=1957 res=1 errno=0 [ 437.999399][T12530] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 438.307434][T12530] veth0_vlan: entered promiscuous mode [ 438.329254][T12530] veth1_vlan: entered promiscuous mode [ 438.517160][T12530] veth0_macvtap: entered promiscuous mode [ 438.566489][T12530] veth1_macvtap: entered promiscuous mode [ 438.665955][T12530] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 438.733840][T12530] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 438.881044][T12353] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.908817][T12353] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.927166][T12353] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.954255][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 439.062204][T12760] FAULT_INJECTION: forcing a failure. [ 439.062204][T12760] name failslab, interval 1, probability 0, space 0, times 0 [ 439.139576][T12760] CPU: 0 UID: 0 PID: 12760 Comm: syz.0.2487 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 439.139696][T12760] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 439.139708][T12760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 439.139725][T12760] Call Trace: [ 439.139735][T12760] [ 439.139746][T12760] dump_stack_lvl+0x16c/0x1f0 [ 439.139793][T12760] should_fail_ex+0x512/0x640 [ 439.139821][T12760] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 439.139854][T12760] should_failslab+0xc2/0x120 [ 439.139890][T12760] __kmalloc_cache_noprof+0x6a/0x3e0 [ 439.139918][T12760] ? __genradix_ptr_alloc+0x340/0x5f0 [ 439.139951][T12760] ? sctp_auth_shkey_create+0x9e/0x210 [ 439.139992][T12760] sctp_auth_shkey_create+0x9e/0x210 [ 439.140035][T12760] sctp_auth_asoc_copy_shkeys+0x1f2/0x360 [ 439.140084][T12760] sctp_association_new+0x19ad/0x2a00 [ 439.140138][T12760] sctp_connect_new_asoc+0x1a8/0x770 [ 439.140183][T12760] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 439.140231][T12760] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 439.140280][T12760] __sctp_connect+0x3f3/0xc60 [ 439.140329][T12760] ? do_raw_spin_lock+0x12c/0x2b0 [ 439.140368][T12760] ? __pfx___sctp_connect+0x10/0x10 [ 439.140414][T12760] ? __pfx_sctp_inet_connect+0x10/0x10 [ 439.140457][T12760] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 439.140501][T12760] ? __pfx_sctp_inet_connect+0x10/0x10 [ 439.140549][T12760] sctp_inet_connect+0x15f/0x200 [ 439.140605][T12760] __sys_connect_file+0x141/0x1a0 [ 439.140648][T12760] __sys_connect+0x13b/0x160 [ 439.140681][T12760] ? __pfx___sys_connect+0x10/0x10 [ 439.140735][T12760] ? xfd_validate_state+0x61/0x180 [ 439.140771][T12760] ? __pfx_do_writev+0x10/0x10 [ 439.140806][T12760] __x64_sys_connect+0x72/0xb0 [ 439.140836][T12760] ? lockdep_hardirqs_on+0x7c/0x110 [ 439.140875][T12760] do_syscall_64+0xcd/0x490 [ 439.140921][T12760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.140952][T12760] RIP: 0033:0x7fe53bf8eb69 [ 439.140977][T12760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.141006][T12760] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 439.141035][T12760] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 439.141055][T12760] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 439.141073][T12760] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 439.141090][T12760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.141107][T12760] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 439.141147][T12760] [ 439.155120][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 439.353726][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 439.387836][ C1] vkms_vblank_simulate: vblank timer overrun [ 439.607350][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 439.664581][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 441.199356][ T30] audit: type=1804 audit(4294971679.475:11): pid=12803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2486" name="/newroot/633/file0" dev="tmpfs" ino=3270 res=1 errno=0 [ 441.713833][T12810] FAULT_INJECTION: forcing a failure. [ 441.713833][T12810] name failslab, interval 1, probability 0, space 0, times 0 [ 441.784974][T12810] CPU: 0 UID: 0 PID: 12810 Comm: syz.3.2491 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 441.785031][T12810] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 441.785043][T12810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 441.785060][T12810] Call Trace: [ 441.785071][T12810] [ 441.785083][T12810] dump_stack_lvl+0x16c/0x1f0 [ 441.785132][T12810] should_fail_ex+0x512/0x640 [ 441.785160][T12810] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 441.785194][T12810] should_failslab+0xc2/0x120 [ 441.785231][T12810] __kmalloc_cache_noprof+0x6a/0x3e0 [ 441.785262][T12810] ? kobject_uevent_env+0x265/0x1870 [ 441.785329][T12810] kobject_uevent_env+0x265/0x1870 [ 441.785375][T12810] ? internal_create_groups+0x11a/0x150 [ 441.785419][T12810] netdev_queue_update_kobjects+0x1a7/0x720 [ 441.785466][T12810] netdev_register_kobject+0x2b3/0x3d0 [ 441.785503][T12810] register_netdevice+0x13dc/0x2270 [ 441.785556][T12810] ? __pfx_register_netdevice+0x10/0x10 [ 441.785623][T12810] ppp_dev_configure+0xa1e/0xd40 [ 441.785678][T12810] ppp_ioctl+0x17e0/0x2660 [ 441.785728][T12810] ? find_held_lock+0x2b/0x80 [ 441.785756][T12810] ? __pfx_ppp_ioctl+0x10/0x10 [ 441.785806][T12810] ? __fget_files+0x20e/0x3c0 [ 441.785844][T12810] ? __pfx_ppp_ioctl+0x10/0x10 [ 441.785890][T12810] __x64_sys_ioctl+0x18b/0x210 [ 441.785937][T12810] do_syscall_64+0xcd/0x490 [ 441.785988][T12810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.786017][T12810] RIP: 0033:0x7f6f51f8eb69 [ 441.786043][T12810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.786072][T12810] RSP: 002b:00007f6f52db9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.786101][T12810] RAX: ffffffffffffffda RBX: 00007f6f521b5fa0 RCX: 00007f6f51f8eb69 [ 441.786122][T12810] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005 [ 441.786140][T12810] RBP: 00007f6f52011df1 R08: 0000000000000000 R09: 0000000000000000 [ 441.786157][T12810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.786173][T12810] R13: 0000000000000000 R14: 00007f6f521b5fa0 R15: 00007ffcd84ccda8 [ 441.786212][T12810] [ 442.260068][T12807] FAULT_INJECTION: forcing a failure. [ 442.260068][T12807] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 442.306682][T12807] CPU: 0 UID: 0 PID: 12807 Comm: syz.2.2490 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 442.306735][T12807] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 442.306747][T12807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 442.306762][T12807] Call Trace: [ 442.306772][T12807] [ 442.306782][T12807] dump_stack_lvl+0x16c/0x1f0 [ 442.306828][T12807] should_fail_ex+0x512/0x640 [ 442.306874][T12807] should_fail_alloc_page+0xe7/0x130 [ 442.306918][T12807] prepare_alloc_pages+0x3c2/0x610 [ 442.306961][T12807] ? stack_trace_save+0x8e/0xc0 [ 442.307000][T12807] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 442.307044][T12807] ? kasan_save_stack+0x42/0x60 [ 442.307074][T12807] ? kasan_save_stack+0x33/0x60 [ 442.307102][T12807] ? kasan_save_track+0x14/0x30 [ 442.307132][T12807] ? __kasan_kmalloc+0xaa/0xb0 [ 442.307161][T12807] ? fuse_dev_alloc+0x8e/0x280 [ 442.307195][T12807] ? fuse_dev_alloc_install+0x13/0x40 [ 442.307233][T12807] ? cuse_channel_open+0x100/0x7f0 [ 442.307265][T12807] ? misc_open+0x35a/0x420 [ 442.307300][T12807] ? chrdev_open+0x231/0x6a0 [ 442.307524][T12807] ? do_dentry_open+0x97f/0x1530 [ 442.307555][T12807] ? vfs_open+0x82/0x3f0 [ 442.307588][T12807] ? path_openat+0x1de4/0x2cb0 [ 442.307617][T12807] ? do_filp_open+0x20b/0x470 [ 442.307649][T12807] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 442.307684][T12807] ? register_lock_class+0x41/0x4c0 [ 442.307737][T12807] ? __lock_acquire+0xb8a/0x1c90 [ 442.307783][T12807] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 442.307822][T12807] ? policy_nodemask+0xea/0x4e0 [ 442.307859][T12807] alloc_pages_mpol+0x1fb/0x550 [ 442.307897][T12807] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 442.307934][T12807] ? fuse_dev_alloc_install+0x2b/0x40 [ 442.307984][T12807] folio_alloc_noprof+0x20/0x2d0 [ 442.308028][T12807] cuse_channel_open+0x198/0x7f0 [ 442.308063][T12807] ? __pfx_cuse_channel_open+0x10/0x10 [ 442.308101][T12807] misc_open+0x35a/0x420 [ 442.308138][T12807] ? __pfx_misc_open+0x10/0x10 [ 442.308175][T12807] chrdev_open+0x231/0x6a0 [ 442.308209][T12807] ? __pfx_apparmor_file_open+0x10/0x10 [ 442.308242][T12807] ? __pfx_chrdev_open+0x10/0x10 [ 442.308282][T12807] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 442.308324][T12807] do_dentry_open+0x97f/0x1530 [ 442.308369][T12807] ? __pfx_chrdev_open+0x10/0x10 [ 442.308417][T12807] vfs_open+0x82/0x3f0 [ 442.308467][T12807] path_openat+0x1de4/0x2cb0 [ 442.308518][T12807] ? __pfx_path_openat+0x10/0x10 [ 442.308554][T12807] ? __lock_acquire+0xb8a/0x1c90 [ 442.308596][T12807] do_filp_open+0x20b/0x470 [ 442.308631][T12807] ? __pfx_do_filp_open+0x10/0x10 [ 442.308702][T12807] ? alloc_fd+0x471/0x7d0 [ 442.308748][T12807] do_sys_openat2+0x11b/0x1d0 [ 442.308791][T12807] ? __pfx_do_sys_openat2+0x10/0x10 [ 442.308854][T12807] __x64_sys_openat+0x174/0x210 [ 442.308900][T12807] ? __pfx___x64_sys_openat+0x10/0x10 [ 442.308954][T12807] do_syscall_64+0xcd/0x490 [ 442.308995][T12807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.309022][T12807] RIP: 0033:0x7fa7f498eb69 [ 442.309046][T12807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.309072][T12807] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 442.309111][T12807] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 442.309131][T12807] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 442.309149][T12807] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 442.309168][T12807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.309184][T12807] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 442.309227][T12807] [ 443.279652][T12831] kAFS: No cell specified [ 443.745616][T12848] i2c i2c-0: Invalid 7-bit I2C address 0x00 [ 443.977131][T12854] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2502'. [ 444.595114][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.610927][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.705186][T12877] FAULT_INJECTION: forcing a failure. [ 444.705186][T12877] name failslab, interval 1, probability 0, space 0, times 0 [ 444.735767][T12877] CPU: 1 UID: 0 PID: 12877 Comm: syz.0.2508 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 444.735825][T12877] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 444.735836][T12877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 444.735853][T12877] Call Trace: [ 444.735863][T12877] [ 444.735873][T12877] dump_stack_lvl+0x16c/0x1f0 [ 444.735920][T12877] should_fail_ex+0x512/0x640 [ 444.735945][T12877] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 444.736004][T12877] should_failslab+0xc2/0x120 [ 444.736049][T12877] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 444.736083][T12877] ? __kernfs_new_node+0xd2/0x8e0 [ 444.736123][T12877] __kernfs_new_node+0xd2/0x8e0 [ 444.736163][T12877] ? __pfx___kernfs_new_node+0x10/0x10 [ 444.736219][T12877] ? find_held_lock+0x2b/0x80 [ 444.736248][T12877] ? kernfs_root+0xee/0x2a0 [ 444.736291][T12877] kernfs_new_node+0x13c/0x1e0 [ 444.736335][T12877] __kernfs_create_file+0x53/0x350 [ 444.736367][T12877] sysfs_add_file_mode_ns+0x207/0x3c0 [ 444.736410][T12877] internal_create_group+0x578/0xf30 [ 444.736457][T12877] ? __pfx_internal_create_group+0x10/0x10 [ 444.736500][T12877] ? kernfs_create_link+0x1bd/0x240 [ 444.736533][T12877] internal_create_groups+0x9d/0x150 [ 444.736581][T12877] device_add+0x77f/0x1a70 [ 444.736617][T12877] ? __pfx_device_add+0x10/0x10 [ 444.736648][T12877] ? lockdep_init_map_type+0x5c/0x280 [ 444.736686][T12877] ? __init_waitqueue_head+0xca/0x150 [ 444.736741][T12877] netdev_register_kobject+0x1a9/0x3d0 [ 444.736776][T12877] register_netdevice+0x13dc/0x2270 [ 444.736834][T12877] ? __pfx_register_netdevice+0x10/0x10 [ 444.736896][T12877] ppp_dev_configure+0xa1e/0xd40 [ 444.736954][T12877] ppp_ioctl+0x17e0/0x2660 [ 444.737002][T12877] ? find_held_lock+0x2b/0x80 [ 444.737029][T12877] ? __pfx_ppp_ioctl+0x10/0x10 [ 444.737084][T12877] ? __fget_files+0x20e/0x3c0 [ 444.737141][T12877] ? __pfx_ppp_ioctl+0x10/0x10 [ 444.737190][T12877] __x64_sys_ioctl+0x18b/0x210 [ 444.737241][T12877] do_syscall_64+0xcd/0x490 [ 444.737289][T12877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.737318][T12877] RIP: 0033:0x7fe53bf8eb69 [ 444.737344][T12877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.737375][T12877] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 444.737405][T12877] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 444.737426][T12877] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005 [ 444.737444][T12877] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 444.737463][T12877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.737480][T12877] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 444.737524][T12877] [ 445.219442][T12885] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2511'. [ 445.231688][T12885] IPv6: Can't replace route, no match found [ 445.315668][T12887] FAULT_INJECTION: forcing a failure. [ 445.315668][T12887] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 445.333975][T12887] CPU: 1 UID: 0 PID: 12887 Comm: syz.1.2512 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 445.334028][T12887] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 445.334040][T12887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 445.334056][T12887] Call Trace: [ 445.334066][T12887] [ 445.334076][T12887] dump_stack_lvl+0x16c/0x1f0 [ 445.334121][T12887] should_fail_ex+0x512/0x640 [ 445.334152][T12887] _copy_from_iter+0x463/0x16f0 [ 445.334193][T12887] ? __pfx__copy_from_iter+0x10/0x10 [ 445.334222][T12887] ? do_raw_spin_lock+0x12c/0x2b0 [ 445.334266][T12887] ? find_held_lock+0x2b/0x80 [ 445.334295][T12887] ? rcu_is_watching+0x12/0xc0 [ 445.334320][T12887] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 445.334357][T12887] write_pool_user+0xe8/0x2f0 [ 445.334387][T12887] ? __pfx_write_pool_user+0x10/0x10 [ 445.334420][T12887] ? __futex_wait+0x24c/0x2f0 [ 445.334456][T12887] ? copy_iovec_from_user+0x131/0x170 [ 445.334504][T12887] do_iter_readv_writev+0x657/0x950 [ 445.334534][T12887] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 445.334575][T12887] ? bpf_lsm_file_permission+0x9/0x10 [ 445.334610][T12887] ? security_file_permission+0x71/0x210 [ 445.334640][T12887] ? rw_verify_area+0xcf/0x6c0 [ 445.334668][T12887] vfs_writev+0x35f/0xde0 [ 445.334704][T12887] ? __pfx_vfs_writev+0x10/0x10 [ 445.334731][T12887] ? kmem_cache_free+0x2d1/0x4d0 [ 445.334782][T12887] ? __fget_files+0x20e/0x3c0 [ 445.334818][T12887] ? do_writev+0x132/0x340 [ 445.334839][T12887] do_writev+0x132/0x340 [ 445.334865][T12887] ? __pfx_do_writev+0x10/0x10 [ 445.334901][T12887] do_syscall_64+0xcd/0x490 [ 445.334940][T12887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.334965][T12887] RIP: 0033:0x7f5df978eb69 [ 445.334987][T12887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.335011][T12887] RSP: 002b:00007f5dfa6d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 445.335037][T12887] RAX: ffffffffffffffda RBX: 00007f5df99b5fa0 RCX: 00007f5df978eb69 [ 445.335055][T12887] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000005 [ 445.335070][T12887] RBP: 00007f5df9811df1 R08: 0000000000000000 R09: 0000000000000000 [ 445.335085][T12887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.335100][T12887] R13: 0000000000000000 R14: 00007f5df99b5fa0 R15: 00007fff30ae59d8 [ 445.335133][T12887] [ 445.653570][T12863] size and base must be multiples of 4 kiB [ 445.670529][T12863] CPU: 0 UID: 0 PID: 12863 Comm: syz.3.2503 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 445.670803][T12863] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 445.670817][T12863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 445.670834][T12863] Call Trace: [ 445.670844][T12863] [ 445.670857][T12863] dump_stack_lvl+0x16c/0x1f0 [ 445.670907][T12863] mtrr_add+0xdf/0x110 [ 445.670944][T12863] mtrr_ioctl+0x7ef/0xcf0 [ 445.670983][T12863] ? __pfx_mtrr_ioctl+0x10/0x10 [ 445.671026][T12863] ? find_held_lock+0x2b/0x80 [ 445.671064][T12863] ? __fget_files+0x20e/0x3c0 [ 445.671094][T12863] ? __pfx_mtrr_ioctl+0x10/0x10 [ 445.671132][T12863] proc_reg_unlocked_ioctl+0x229/0x320 [ 445.671167][T12863] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 445.671207][T12863] __x64_sys_ioctl+0x18b/0x210 [ 445.671254][T12863] do_syscall_64+0xcd/0x490 [ 445.671297][T12863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.671326][T12863] RIP: 0033:0x7f6f51f8eb69 [ 445.671351][T12863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.671377][T12863] RSP: 002b:00007f6f52db9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 445.671404][T12863] RAX: ffffffffffffffda RBX: 00007f6f521b5fa0 RCX: 00007f6f51f8eb69 [ 445.671423][T12863] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005 [ 445.671439][T12863] RBP: 00007f6f52011df1 R08: 0000000000000000 R09: 0000000000000000 [ 445.671457][T12863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.671474][T12863] R13: 0000000000000000 R14: 00007f6f521b5fa0 R15: 00007ffcd84ccda8 [ 445.671512][T12863] [ 446.957327][T12918] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2519'. [ 447.219439][T12927] i2c i2c-0: Invalid 7-bit I2C address 0x00 [ 447.307674][T12930] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2523'. [ 447.370283][T12930] bridge0: port 2(bridge_slave_1) entered disabled state [ 447.483209][T12930] bridge_slave_1 (unregistering): left allmulticast mode [ 447.508386][T12930] bridge_slave_1 (unregistering): left promiscuous mode [ 447.527765][T12930] bridge0: port 2(bridge_slave_1) entered disabled state [ 447.994744][T12941] zswap: compressor not available [ 448.135350][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 448.185044][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 448.268640][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 448.541248][T12963] FAULT_INJECTION: forcing a failure. [ 448.541248][T12963] name failslab, interval 1, probability 0, space 0, times 0 [ 448.594424][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 448.610818][T12963] CPU: 0 UID: 0 PID: 12963 Comm: syz.2.2528 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 448.610874][T12963] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 448.610888][T12963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 448.610906][T12963] Call Trace: [ 448.610916][T12963] [ 448.610929][T12963] dump_stack_lvl+0x16c/0x1f0 [ 448.610979][T12963] should_fail_ex+0x512/0x640 [ 448.611008][T12963] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 448.611053][T12963] should_failslab+0xc2/0x120 [ 448.611092][T12963] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 448.611128][T12963] ? kvasprintf_const+0x66/0x1a0 [ 448.611171][T12963] kvasprintf+0xbc/0x160 [ 448.611204][T12963] ? __pfx_kvasprintf+0x10/0x10 [ 448.611241][T12963] ? find_held_lock+0x2b/0x80 [ 448.611279][T12963] ? rcu_read_unlock+0x17/0x60 [ 448.611324][T12963] kvasprintf_const+0x66/0x1a0 [ 448.611362][T12963] kobject_set_name_vargs+0x5a/0x140 [ 448.611393][T12963] dev_set_name+0xc7/0x100 [ 448.611430][T12963] ? __pfx_dev_set_name+0x10/0x10 [ 448.611462][T12963] ? rcu_is_watching+0x12/0xc0 [ 448.611492][T12963] ? rcu_is_watching+0x12/0xc0 [ 448.611520][T12963] ? trace_kmalloc+0x2b/0xd0 [ 448.611555][T12963] ? __kmalloc_noprof.cold+0x5c/0x61 [ 448.611608][T12963] wiphy_new_nm+0x811/0x2190 [ 448.611652][T12963] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 448.611699][T12963] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 448.611745][T12963] ieee80211_alloc_hw_nm+0x1b7a/0x2260 [ 448.611787][T12963] ? __local_bh_enable_ip+0xa4/0x120 [ 448.611828][T12963] mac80211_hwsim_new_radio+0x1d4/0x54d0 [ 448.611892][T12963] ? __asan_memset+0x23/0x50 [ 448.611924][T12963] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 448.611974][T12963] hwsim_new_radio_nl+0xb51/0x12c0 [ 448.612013][T12963] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 448.612063][T12963] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 448.612096][T12963] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 448.612138][T12963] genl_family_rcv_msg_doit+0x206/0x2f0 [ 448.612173][T12963] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 448.612205][T12963] ? trace_cap_capable+0x18d/0x200 [ 448.612260][T12963] ? bpf_lsm_capable+0x9/0x10 [ 448.612294][T12963] ? security_capable+0x7e/0x260 [ 448.612341][T12963] ? ns_capable+0xd7/0x110 [ 448.612376][T12963] genl_rcv_msg+0x55c/0x800 [ 448.612409][T12963] ? __pfx_genl_rcv_msg+0x10/0x10 [ 448.612437][T12963] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 448.612485][T12963] netlink_rcv_skb+0x155/0x420 [ 448.612525][T12963] ? __pfx_genl_rcv_msg+0x10/0x10 [ 448.612556][T12963] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 448.612613][T12963] ? netlink_deliver_tap+0x1ae/0xd30 [ 448.612657][T12963] genl_rcv+0x28/0x40 [ 448.612681][T12963] netlink_unicast+0x5aa/0x870 [ 448.612733][T12963] ? __pfx_netlink_unicast+0x10/0x10 [ 448.612780][T12963] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 448.612843][T12963] netlink_sendmsg+0x8d1/0xdd0 [ 448.612899][T12963] ? __pfx_netlink_sendmsg+0x10/0x10 [ 448.612965][T12963] ____sys_sendmsg+0xa98/0xc70 [ 448.612999][T12963] ? copy_msghdr_from_user+0x10a/0x160 [ 448.613043][T12963] ? __pfx_____sys_sendmsg+0x10/0x10 [ 448.613089][T12963] ? __pfx_futex_wake_mark+0x10/0x10 [ 448.613143][T12963] ___sys_sendmsg+0x134/0x1d0 [ 448.613184][T12963] ? futex_private_hash_put+0x176/0x300 [ 448.613223][T12963] ? __pfx____sys_sendmsg+0x10/0x10 [ 448.613263][T12963] ? __lock_acquire+0x622/0x1c90 [ 448.613377][T12963] __sys_sendmsg+0x16d/0x220 [ 448.613424][T12963] ? __pfx___sys_sendmsg+0x10/0x10 [ 448.613470][T12963] ? __x64_sys_futex+0x1e0/0x4c0 [ 448.613540][T12963] do_syscall_64+0xcd/0x490 [ 448.613590][T12963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.613622][T12963] RIP: 0033:0x7fa7f498eb69 [ 448.613647][T12963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.613677][T12963] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 448.613705][T12963] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 448.613724][T12963] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000003 [ 448.613742][T12963] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 448.613761][T12963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.613779][T12963] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 448.613824][T12963] [ 449.913784][ T30] audit: type=1804 audit(4294971688.226:12): pid=12980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2530" name="/newroot/647/file0" dev="tmpfs" ino=3321 res=1 errno=0 [ 450.136365][T12959] size and base must be multiples of 4 kiB [ 450.153601][T12959] CPU: 0 UID: 0 PID: 12959 Comm: syz.1.2527 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 450.153657][T12959] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 450.153669][T12959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 450.153686][T12959] Call Trace: [ 450.153700][T12959] [ 450.153712][T12959] dump_stack_lvl+0x16c/0x1f0 [ 450.153760][T12959] mtrr_add+0xdf/0x110 [ 450.153798][T12959] mtrr_ioctl+0x7ef/0xcf0 [ 450.153838][T12959] ? __pfx_mtrr_ioctl+0x10/0x10 [ 450.153884][T12959] ? find_held_lock+0x2b/0x80 [ 450.153924][T12959] ? __fget_files+0x20e/0x3c0 [ 450.153954][T12959] ? __pfx_mtrr_ioctl+0x10/0x10 [ 450.153990][T12959] proc_reg_unlocked_ioctl+0x229/0x320 [ 450.154025][T12959] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 450.154062][T12959] __x64_sys_ioctl+0x18b/0x210 [ 450.154106][T12959] do_syscall_64+0xcd/0x490 [ 450.154146][T12959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.154175][T12959] RIP: 0033:0x7f5df978eb69 [ 450.154197][T12959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.154224][T12959] RSP: 002b:00007f5dfa6d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 450.154253][T12959] RAX: ffffffffffffffda RBX: 00007f5df99b5fa0 RCX: 00007f5df978eb69 [ 450.154272][T12959] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005 [ 450.154288][T12959] RBP: 00007f5df9811df1 R08: 0000000000000000 R09: 0000000000000000 [ 450.154304][T12959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 450.154320][T12959] R13: 0000000000000000 R14: 00007f5df99b5fa0 R15: 00007fff30ae59d8 [ 450.154357][T12959] [ 451.788410][T13015] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 452.596349][T13043] FAULT_INJECTION: forcing a failure. [ 452.596349][T13043] name fail_futex, interval 1, probability 0, space 0, times 1 [ 452.628033][T13043] CPU: 1 UID: 0 PID: 13043 Comm: syz.0.2550 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 452.628092][T13043] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 452.628106][T13043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 452.628125][T13043] Call Trace: [ 452.628137][T13043] [ 452.628149][T13043] dump_stack_lvl+0x16c/0x1f0 [ 452.628197][T13043] should_fail_ex+0x512/0x640 [ 452.628230][T13043] get_futex_key+0x1d0/0x1540 [ 452.628271][T13043] ? __pfx_get_futex_key+0x10/0x10 [ 452.628304][T13043] ? aa_get_newest_label+0x375/0x680 [ 452.628361][T13043] futex_wake+0xea/0x530 [ 452.628401][T13043] ? __pfx___might_resched+0x10/0x10 [ 452.628434][T13043] ? __pfx_futex_wake+0x10/0x10 [ 452.628475][T13043] ? key_task_permission+0x2e5/0x400 [ 452.628546][T13043] ? lookup_user_key+0x2ce/0x1300 [ 452.628584][T13043] do_futex+0x1e3/0x350 [ 452.628628][T13043] ? __pfx_do_futex+0x10/0x10 [ 452.628678][T13043] __x64_sys_futex+0x1e0/0x4c0 [ 452.628717][T13043] ? putname+0x154/0x1a0 [ 452.628757][T13043] ? __pfx___x64_sys_futex+0x10/0x10 [ 452.628802][T13043] ? keyctl_keyring_move+0x117/0x150 [ 452.628857][T13043] do_syscall_64+0xcd/0x490 [ 452.628905][T13043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.628936][T13043] RIP: 0033:0x7fe53bf8eb69 [ 452.628960][T13043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.628990][T13043] RSP: 002b:00007fe53cd7c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 452.629020][T13043] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa8 RCX: 00007fe53bf8eb69 [ 452.629040][T13043] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe53c1b5fac [ 452.629059][T13043] RBP: 00007fe53c1b5fa0 R08: 00007fe53cd7d000 R09: 0000000000000000 [ 452.629077][T13043] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe53c1b5fac [ 452.629097][T13043] R13: 0000000000000000 R14: 00007ffcc9d95080 R15: 00007ffcc9d95168 [ 452.629135][T13043] [ 454.463744][T13084] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 454.611921][T13068] size and base must be multiples of 4 kiB [ 454.631559][T13068] CPU: 0 UID: 0 PID: 13068 Comm: syz.0.2545 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 454.631618][T13068] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 454.631631][T13068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 454.631650][T13068] Call Trace: [ 454.631661][T13068] [ 454.631673][T13068] dump_stack_lvl+0x16c/0x1f0 [ 454.631723][T13068] mtrr_add+0xdf/0x110 [ 454.631766][T13068] mtrr_ioctl+0x7ef/0xcf0 [ 454.631809][T13068] ? __pfx_mtrr_ioctl+0x10/0x10 [ 454.631858][T13068] ? find_held_lock+0x2b/0x80 [ 454.631898][T13068] ? __fget_files+0x20e/0x3c0 [ 454.631930][T13068] ? __pfx_mtrr_ioctl+0x10/0x10 [ 454.631972][T13068] proc_reg_unlocked_ioctl+0x229/0x320 [ 454.632011][T13068] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 454.632055][T13068] __x64_sys_ioctl+0x18b/0x210 [ 454.632105][T13068] do_syscall_64+0xcd/0x490 [ 454.632151][T13068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.632181][T13068] RIP: 0033:0x7fe53bf8eb69 [ 454.632206][T13068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.632234][T13068] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 454.632261][T13068] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 454.632281][T13068] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005 [ 454.632299][T13068] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 454.632316][T13068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 454.632334][T13068] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 454.632375][T13068] [ 456.012185][T13106] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2562'. [ 456.177173][T13110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2556'. [ 456.249516][T13110] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.291400][T13110] bridge_slave_1 (unregistering): left allmulticast mode [ 456.303305][T13110] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.039766][T13126] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2560'. [ 457.062021][T13126] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2560'. [ 457.259529][T13133] random: crng reseeded on system resumption [ 460.993053][T13170] Process accounting resumed [ 461.278411][T13196] random: crng reseeded on system resumption [ 461.305490][T13198] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2586'. [ 461.678333][T13207] syz.0.2591 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 462.747689][T13227] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2596'. [ 462.936490][T13234] random: crng reseeded on system resumption [ 463.557049][T13245] FAULT_INJECTION: forcing a failure. [ 463.557049][T13245] name failslab, interval 1, probability 0, space 0, times 0 [ 463.707167][T13245] CPU: 0 UID: 0 PID: 13245 Comm: syz.2.2603 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 463.707224][T13245] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 463.707237][T13245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 463.707255][T13245] Call Trace: [ 463.707266][T13245] [ 463.707278][T13245] dump_stack_lvl+0x16c/0x1f0 [ 463.707328][T13245] should_fail_ex+0x512/0x640 [ 463.707355][T13245] ? fs_reclaim_acquire+0xae/0x150 [ 463.707402][T13245] should_failslab+0xc2/0x120 [ 463.707454][T13245] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 463.707491][T13245] ? security_inode_alloc+0x3b/0x2b0 [ 463.707545][T13245] security_inode_alloc+0x3b/0x2b0 [ 463.707595][T13245] inode_init_always_gfp+0xce4/0x1030 [ 463.707637][T13245] alloc_inode+0x86/0x240 [ 463.707678][T13245] sock_alloc+0x40/0x280 [ 463.707725][T13245] __sock_create+0xc1/0x8d0 [ 463.707767][T13245] __sys_socketpair+0x25c/0x5a0 [ 463.707807][T13245] ? __pfx___sys_socketpair+0x10/0x10 [ 463.707840][T13245] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 463.707888][T13245] ? xfd_validate_state+0x61/0x180 [ 463.707938][T13245] __x64_sys_socketpair+0x96/0x100 [ 463.707971][T13245] ? lockdep_hardirqs_on+0x7c/0x110 [ 463.708011][T13245] do_syscall_64+0xcd/0x490 [ 463.708058][T13245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.708089][T13245] RIP: 0033:0x7fa7f498eb69 [ 463.708114][T13245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.708150][T13245] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 463.708179][T13245] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 463.708198][T13245] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 463.708217][T13245] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 463.708235][T13245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.708253][T13245] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 463.708297][T13245] [ 463.708436][T13245] socket: no more sockets [ 464.839533][T13267] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2619'. [ 464.854363][T13266] random: crng reseeded on system resumption [ 465.104620][T13273] netlink: 302 bytes leftover after parsing attributes in process `syz.3.2613'. [ 465.570646][T13286] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2626'. [ 465.891932][T13296] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2620'. [ 465.923009][T13292] kvm: user requested TSC rate below hardware speed [ 465.971462][T13296] netlink: 'syz.3.2620': attribute type 3 has an invalid length. [ 466.017791][T13296] netlink: 158 bytes leftover after parsing attributes in process `syz.3.2620'. [ 466.397574][T13307] netlink: 'syz.3.2623': attribute type 4 has an invalid length. [ 468.847664][T13361] FAULT_INJECTION: forcing a failure. [ 468.847664][T13361] name failslab, interval 1, probability 0, space 0, times 0 [ 468.907857][T13361] CPU: 1 UID: 0 PID: 13361 Comm: syz.0.2646 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 468.907917][T13361] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 468.907931][T13361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 468.907952][T13361] Call Trace: [ 468.907964][T13361] [ 468.907976][T13361] dump_stack_lvl+0x16c/0x1f0 [ 468.908027][T13361] should_fail_ex+0x512/0x640 [ 468.908056][T13361] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 468.908097][T13361] should_failslab+0xc2/0x120 [ 468.908136][T13361] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 468.908171][T13361] ? __d_alloc+0x32/0xae0 [ 468.908212][T13361] __d_alloc+0x32/0xae0 [ 468.908253][T13361] d_alloc_pseudo+0x1c/0xc0 [ 468.908297][T13361] alloc_file_pseudo+0xcf/0x230 [ 468.908343][T13361] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 468.908397][T13361] ? security_inode_init_security_anon+0x79/0x240 [ 468.908457][T13361] secretmem_file_create.constprop.0+0x89/0x290 [ 468.908500][T13361] __x64_sys_memfd_secret+0xc1/0x150 [ 468.908538][T13361] do_syscall_64+0xcd/0x490 [ 468.908584][T13361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.908616][T13361] RIP: 0033:0x7fe53bf8eb69 [ 468.908641][T13361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.908671][T13361] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 468.908696][T13361] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 468.908716][T13361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 468.908734][T13361] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 468.908753][T13361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 468.908772][T13361] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 468.908813][T13361] [ 469.189255][T13367] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2649'. [ 469.780536][T13384] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 471.050022][T13406] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2661'. [ 471.281025][T13396] FAULT_INJECTION: forcing a failure. [ 471.281025][T13396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 471.342660][T13396] CPU: 0 UID: 0 PID: 13396 Comm: syz.0.2658 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 471.342722][T13396] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 471.342736][T13396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 471.342755][T13396] Call Trace: [ 471.342767][T13396] [ 471.342780][T13396] dump_stack_lvl+0x16c/0x1f0 [ 471.342831][T13396] should_fail_ex+0x512/0x640 [ 471.342871][T13396] should_fail_alloc_page+0xe7/0x130 [ 471.342916][T13396] prepare_alloc_pages+0x3c2/0x610 [ 471.342961][T13396] ? rcu_is_watching+0x12/0xc0 [ 471.342998][T13396] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 471.343037][T13396] ? __lock_acquire+0xb8a/0x1c90 [ 471.343094][T13396] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 471.343131][T13396] ? do_raw_spin_lock+0x12c/0x2b0 [ 471.343177][T13396] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 471.343223][T13396] ? find_held_lock+0x2b/0x80 [ 471.343266][T13396] ? __lock_acquire+0xb8a/0x1c90 [ 471.343305][T13396] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 471.343353][T13396] ? policy_nodemask+0xea/0x4e0 [ 471.343406][T13396] alloc_pages_mpol+0x1fb/0x550 [ 471.343449][T13396] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 471.343504][T13396] folio_alloc_mpol_noprof+0x36/0x2f0 [ 471.343553][T13396] shmem_alloc_folio+0x135/0x160 [ 471.343605][T13396] shmem_alloc_and_add_folio+0x499/0xc20 [ 471.343652][T13396] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 471.343693][T13396] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 471.343738][T13396] shmem_get_folio_gfp+0x67f/0x1600 [ 471.343783][T13396] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 471.343820][T13396] ? __pfx___might_resched+0x10/0x10 [ 471.343860][T13396] shmem_fallocate+0x795/0xf50 [ 471.343918][T13396] ? __pfx_shmem_fallocate+0x10/0x10 [ 471.343953][T13396] ? aa_file_perm+0x495/0xf70 [ 471.344003][T13396] ? __lock_acquire+0xb8a/0x1c90 [ 471.344048][T13396] ? __lock_acquire+0x622/0x1c90 [ 471.344117][T13396] ? __pfx_shmem_fallocate+0x10/0x10 [ 471.344148][T13396] vfs_fallocate+0x5b1/0x10e0 [ 471.344182][T13396] ? __pfx_vfs_fallocate+0x10/0x10 [ 471.344223][T13396] __x64_sys_fallocate+0xd5/0x150 [ 471.344258][T13396] do_syscall_64+0xcd/0x490 [ 471.344300][T13396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.344330][T13396] RIP: 0033:0x7fe53bf8eb69 [ 471.344356][T13396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 471.344390][T13396] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 471.344418][T13396] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 471.344436][T13396] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003 [ 471.344451][T13396] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 471.344466][T13396] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 471.344481][T13396] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 471.344520][T13396] [ 472.068604][T13428] FAULT_INJECTION: forcing a failure. [ 472.068604][T13428] name failslab, interval 1, probability 0, space 0, times 0 [ 472.141669][T13428] CPU: 1 UID: 0 PID: 13428 Comm: syz.1.2665 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 472.141728][T13428] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 472.141742][T13428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 472.141759][T13428] Call Trace: [ 472.141770][T13428] [ 472.141782][T13428] dump_stack_lvl+0x16c/0x1f0 [ 472.141829][T13428] should_fail_ex+0x512/0x640 [ 472.141856][T13428] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 472.141901][T13428] should_failslab+0xc2/0x120 [ 472.141941][T13428] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 472.141981][T13428] ? __kthread_create_on_node+0x186/0x3f0 [ 472.142030][T13428] kvasprintf+0xbc/0x160 [ 472.142066][T13428] ? __pfx_kvasprintf+0x10/0x10 [ 472.142114][T13428] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 472.142155][T13428] __kthread_create_on_node+0x186/0x3f0 [ 472.142192][T13428] ? __pfx___mutex_trylock_common+0x10/0x10 [ 472.142233][T13428] ? __pfx___kthread_create_on_node+0x10/0x10 [ 472.142282][T13428] ? xen_error_entry+0x30/0x60 [ 472.142322][T13428] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 472.142369][T13428] kthread_create_on_node+0xc7/0x100 [ 472.142408][T13428] ? __pfx_kthread_create_on_node+0x10/0x10 [ 472.142469][T13428] ? mark_held_locks+0x49/0x80 [ 472.142507][T13428] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 472.142543][T13428] ? lockdep_hardirqs_on+0x7c/0x110 [ 472.142594][T13428] dvb_frontend_open+0xf47/0x1730 [ 472.142652][T13428] ? __pfx_dvb_frontend_open+0x10/0x10 [ 472.142696][T13428] dvb_device_open+0x270/0x3b0 [ 472.142742][T13428] ? __pfx_dvb_device_open+0x10/0x10 [ 472.142787][T13428] chrdev_open+0x231/0x6a0 [ 472.142824][T13428] ? __pfx_apparmor_file_open+0x10/0x10 [ 472.142857][T13428] ? __pfx_chrdev_open+0x10/0x10 [ 472.142897][T13428] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 472.142941][T13428] do_dentry_open+0x97f/0x1530 [ 472.142978][T13428] ? __pfx_chrdev_open+0x10/0x10 [ 472.143026][T13428] vfs_open+0x82/0x3f0 [ 472.143075][T13428] path_openat+0x1de4/0x2cb0 [ 472.143119][T13428] ? __pfx_path_openat+0x10/0x10 [ 472.143150][T13428] ? __lock_acquire+0xb8a/0x1c90 [ 472.143180][T13428] do_filp_open+0x20b/0x470 [ 472.143199][T13428] ? __pfx_do_filp_open+0x10/0x10 [ 472.143235][T13428] ? alloc_fd+0x471/0x7d0 [ 472.143259][T13428] do_sys_openat2+0x11b/0x1d0 [ 472.143283][T13428] ? __pfx_do_sys_openat2+0x10/0x10 [ 472.143317][T13428] __x64_sys_openat+0x174/0x210 [ 472.143342][T13428] ? __pfx___x64_sys_openat+0x10/0x10 [ 472.143375][T13428] do_syscall_64+0xcd/0x490 [ 472.143402][T13428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.143427][T13428] RIP: 0033:0x7f5df978eb69 [ 472.143443][T13428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.143460][T13428] RSP: 002b:00007f5dfa6d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 472.143478][T13428] RAX: ffffffffffffffda RBX: 00007f5df99b5fa0 RCX: 00007f5df978eb69 [ 472.143490][T13428] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 472.143500][T13428] RBP: 00007f5df9811df1 R08: 0000000000000000 R09: 0000000000000000 [ 472.143511][T13428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.143521][T13428] R13: 0000000000000000 R14: 00007f5df99b5fa0 R15: 00007fff30ae59d8 [ 472.143544][T13428] [ 472.599908][T13428] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 472.638821][T13436] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2669'. [ 472.652426][T13436] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.687024][T13436] bridge_slave_1 (unregistering): left allmulticast mode [ 472.697518][T13436] bridge_slave_1 (unregistering): left promiscuous mode [ 472.706664][T13436] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.880448][T13426] size and base must be multiples of 4 kiB [ 472.886840][T13426] CPU: 1 UID: 0 PID: 13426 Comm: syz.2.2666 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 472.886874][T13426] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 472.886883][T13426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 472.886893][T13426] Call Trace: [ 472.886903][T13426] [ 472.886912][T13426] dump_stack_lvl+0x16c/0x1f0 [ 472.886942][T13426] mtrr_add+0xdf/0x110 [ 472.886967][T13426] mtrr_ioctl+0x7ef/0xcf0 [ 472.886991][T13426] ? __pfx_mtrr_ioctl+0x10/0x10 [ 472.887041][T13426] ? find_held_lock+0x2b/0x80 [ 472.887065][T13426] ? __fget_files+0x20e/0x3c0 [ 472.887084][T13426] ? __pfx_mtrr_ioctl+0x10/0x10 [ 472.887108][T13426] proc_reg_unlocked_ioctl+0x229/0x320 [ 472.887130][T13426] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 472.887154][T13426] __x64_sys_ioctl+0x18b/0x210 [ 472.887184][T13426] do_syscall_64+0xcd/0x490 [ 472.887210][T13426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.887228][T13426] RIP: 0033:0x7fa7f498eb69 [ 472.887244][T13426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.887260][T13426] RSP: 002b:00007fa7f586c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 472.887277][T13426] RAX: ffffffffffffffda RBX: 00007fa7f4bb5fa0 RCX: 00007fa7f498eb69 [ 472.887288][T13426] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005 [ 472.887298][T13426] RBP: 00007fa7f4a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 472.887308][T13426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.887328][T13426] R13: 0000000000000000 R14: 00007fa7f4bb5fa0 R15: 00007ffd9c6cbb08 [ 472.887349][T13426] [ 474.367261][T13457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2672'. [ 475.698787][T13472] sp0: Synchronizing with TNC [ 475.989327][T13483] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2679'. [ 477.340420][T13509] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2689'. [ 477.801299][T13523] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2693'. [ 477.911389][T13523] veth0_macvtap: left promiscuous mode [ 479.345682][T13547] ERROR: Out of memory at tomoyo_memory_ok. [ 479.741695][T13556] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2700'. [ 480.741970][T13588] vhci_hcd: default hub control req: 0010 v0000 i0000 l0 [ 480.972292][T13592] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2705'. [ 481.840812][T13599] FAULT_INJECTION: forcing a failure. [ 481.840812][T13599] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 481.880616][T13599] CPU: 1 UID: 0 PID: 13599 Comm: syz.1.2707 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 481.880665][T13599] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 481.880674][T13599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 481.880688][T13599] Call Trace: [ 481.880700][T13599] [ 481.880711][T13599] dump_stack_lvl+0x16c/0x1f0 [ 481.880752][T13599] should_fail_ex+0x512/0x640 [ 481.880775][T13599] ? page_copy_sane+0xcd/0x2d0 [ 481.880808][T13599] copy_folio_from_iter_atomic+0x375/0x1aa0 [ 481.880851][T13599] ? fault_in_readable+0x135/0x1d0 [ 481.880886][T13599] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 481.880918][T13599] ? fault_in_readable+0x179/0x1d0 [ 481.880953][T13599] ? __pfx_fault_in_readable+0x10/0x10 [ 481.880983][T13599] ? rcu_is_watching+0x12/0xc0 [ 481.881008][T13599] ? I_BDEV+0xd/0x20 [ 481.881034][T13599] ? inode_to_bdi+0x9e/0x160 [ 481.881291][T13599] iomap_file_buffered_write+0x535/0xac0 [ 481.881360][T13599] ? __pfx_iomap_file_buffered_write+0x10/0x10 [ 481.881405][T13599] ? inode_set_ctime_current+0x2a1/0x8f0 [ 481.881479][T13599] ? __pfx_down_read+0x10/0x10 [ 481.881510][T13599] ? preempt_count_add+0x76/0x150 [ 481.881550][T13599] ? mnt_put_write_access_file+0xc1/0xf0 [ 481.881587][T13599] blkdev_write_iter+0x575/0xe00 [ 481.881641][T13599] vfs_write+0x6c7/0x1150 [ 481.881675][T13599] ? __pfx_blkdev_write_iter+0x10/0x10 [ 481.881723][T13599] ? __pfx_vfs_write+0x10/0x10 [ 481.881752][T13599] ? find_held_lock+0x2b/0x80 [ 481.881804][T13599] ksys_write+0x12a/0x250 [ 481.881835][T13599] ? __pfx_ksys_write+0x10/0x10 [ 481.881877][T13599] do_syscall_64+0xcd/0x490 [ 481.881923][T13599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.881951][T13599] RIP: 0033:0x7f5df978eb69 [ 481.881976][T13599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.882005][T13599] RSP: 002b:00007f5dfa6d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 481.882031][T13599] RAX: ffffffffffffffda RBX: 00007f5df99b5fa0 RCX: 00007f5df978eb69 [ 481.882062][T13599] RDX: 0000000080000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 481.882080][T13599] RBP: 00007f5df9811df1 R08: 0000000000000000 R09: 0000000000000000 [ 481.882098][T13599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 481.882117][T13599] R13: 0000000000000000 R14: 00007f5df99b5fa0 R15: 00007fff30ae59d8 [ 481.882161][T13599] [ 482.737308][T13609] FAULT_INJECTION: forcing a failure. [ 482.737308][T13609] name failslab, interval 1, probability 0, space 0, times 0 [ 482.782816][T13609] CPU: 1 UID: 0 PID: 13609 Comm: syz.0.2713 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 482.782876][T13609] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 482.782890][T13609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 482.782909][T13609] Call Trace: [ 482.782920][T13609] [ 482.782932][T13609] dump_stack_lvl+0x16c/0x1f0 [ 482.782985][T13609] should_fail_ex+0x512/0x640 [ 482.783013][T13609] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 482.783053][T13609] should_failslab+0xc2/0x120 [ 482.783092][T13609] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 482.783128][T13609] ? dup_fd+0x4e/0xb90 [ 482.783159][T13609] ? do_futex+0x122/0x350 [ 482.783199][T13609] dup_fd+0x4e/0xb90 [ 482.783228][T13609] ? _raw_spin_unlock+0x28/0x50 [ 482.783265][T13609] ? do_set_mempolicy+0x220/0x480 [ 482.783314][T13609] __do_sys_close_range+0x4ca/0x730 [ 482.783363][T13609] ? __pfx___do_sys_close_range+0x10/0x10 [ 482.783413][T13609] do_syscall_64+0xcd/0x490 [ 482.783462][T13609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.783492][T13609] RIP: 0033:0x7fe53bf8eb69 [ 482.783517][T13609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.783546][T13609] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 482.783583][T13609] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 482.783604][T13609] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 482.783622][T13609] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 482.783641][T13609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 482.783659][T13609] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 482.783703][T13609] [ 483.081927][T13614] FAULT_INJECTION: forcing a failure. [ 483.081927][T13614] name failslab, interval 1, probability 0, space 0, times 0 [ 483.131612][T13614] CPU: 0 UID: 0 PID: 13614 Comm: syz.1.2714 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 483.131679][T13614] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 483.131694][T13614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 483.131713][T13614] Call Trace: [ 483.131724][T13614] [ 483.131737][T13614] dump_stack_lvl+0x16c/0x1f0 [ 483.131785][T13614] should_fail_ex+0x512/0x640 [ 483.131814][T13614] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 483.131851][T13614] should_failslab+0xc2/0x120 [ 483.131891][T13614] __kmalloc_cache_noprof+0x6a/0x3e0 [ 483.131923][T13614] ? rtnl_newlink+0x11b/0x2000 [ 483.131974][T13614] ? __pfx_rtnl_newlink+0x10/0x10 [ 483.132018][T13614] rtnl_newlink+0x11b/0x2000 [ 483.132075][T13614] ? __pfx_rtnl_newlink+0x10/0x10 [ 483.132117][T13614] ? kasan_quarantine_put+0x10a/0x240 [ 483.132149][T13614] ? lockdep_hardirqs_on+0x7c/0x110 [ 483.132198][T13614] ? kmem_cache_free+0x2d1/0x4d0 [ 483.132230][T13614] ? kfree_skbmem+0x1a4/0x1f0 [ 483.132276][T13614] ? __lock_acquire+0x622/0x1c90 [ 483.132329][T13614] ? rcu_is_watching+0x12/0xc0 [ 483.132360][T13614] ? trace_cap_capable+0x18d/0x200 [ 483.132418][T13614] ? find_held_lock+0x2b/0x80 [ 483.132446][T13614] ? __pfx_rtnl_newlink+0x10/0x10 [ 483.132490][T13614] ? __pfx_rtnl_newlink+0x10/0x10 [ 483.132534][T13614] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 483.132584][T13614] ? __pfx_rtnl_newlink+0x10/0x10 [ 483.132633][T13614] rtnetlink_rcv_msg+0x95e/0xe90 [ 483.132685][T13614] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 483.132746][T13614] ? ref_tracker_free+0x37c/0x830 [ 483.132786][T13614] netlink_rcv_skb+0x155/0x420 [ 483.132833][T13614] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 483.132884][T13614] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 483.132948][T13614] ? netlink_deliver_tap+0x1ae/0xd30 [ 483.133002][T13614] netlink_unicast+0x5aa/0x870 [ 483.133054][T13614] ? __pfx_netlink_unicast+0x10/0x10 [ 483.133101][T13614] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 483.133161][T13614] netlink_sendmsg+0x8d1/0xdd0 [ 483.133216][T13614] ? __pfx_netlink_sendmsg+0x10/0x10 [ 483.133281][T13614] __sys_sendto+0x4a0/0x520 [ 483.133336][T13614] ? __pfx___sys_sendto+0x10/0x10 [ 483.133392][T13614] ? find_held_lock+0x2b/0x80 [ 483.133457][T13614] __x64_sys_sendto+0xe0/0x1c0 [ 483.133516][T13614] ? do_syscall_64+0x91/0x490 [ 483.133561][T13614] ? lockdep_hardirqs_on+0x7c/0x110 [ 483.133604][T13614] do_syscall_64+0xcd/0x490 [ 483.133653][T13614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.133684][T13614] RIP: 0033:0x7f5df97909fc [ 483.133711][T13614] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 483.133741][T13614] RSP: 002b:00007f5dfa6cfec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 483.133771][T13614] RAX: ffffffffffffffda RBX: 00007f5dfa6cffc0 RCX: 00007f5df97909fc [ 483.133791][T13614] RDX: 000000000000001c RSI: 00007f5dfa6d0010 RDI: 0000000000000003 [ 483.133810][T13614] RBP: 0000000000000000 R08: 00007f5dfa6cff14 R09: 000000000000000c [ 483.133828][T13614] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 483.133846][T13614] R13: 00007f5dfa6cff68 R14: 00007f5dfa6d0010 R15: 0000000000000000 [ 483.133886][T13614] [ 483.564072][T13620] ================================================================== [ 483.572908][T13620] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 483.580966][T13620] Read of size 8 at addr ffff88802a9dfe18 by task syz.0.2719/13620 [ 483.589348][T13620] [ 483.591728][T13620] CPU: 0 UID: 0 PID: 13620 Comm: syz.0.2719 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 483.591785][T13620] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 483.591799][T13620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 483.591819][T13620] Call Trace: [ 483.591830][T13620] [ 483.591842][T13620] dump_stack_lvl+0x116/0x1f0 [ 483.591890][T13620] print_report+0xcd/0x630 [ 483.591929][T13620] ? __virt_addr_valid+0x81/0x610 [ 483.591966][T13620] ? __phys_addr+0xe8/0x180 [ 483.592002][T13620] ? dvb_device_open+0x36a/0x3b0 [ 483.592046][T13620] kasan_report+0xe0/0x110 [ 483.592095][T13620] ? dvb_device_open+0x36a/0x3b0 [ 483.592143][T13620] ? __pfx_dvb_device_open+0x10/0x10 [ 483.592187][T13620] dvb_device_open+0x36a/0x3b0 [ 483.592232][T13620] ? __pfx_dvb_device_open+0x10/0x10 [ 483.592278][T13620] chrdev_open+0x231/0x6a0 [ 483.592315][T13620] ? __pfx_apparmor_file_open+0x10/0x10 [ 483.592347][T13620] ? __pfx_chrdev_open+0x10/0x10 [ 483.592385][T13620] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 483.592424][T13620] do_dentry_open+0x97f/0x1530 [ 483.592458][T13620] ? __pfx_chrdev_open+0x10/0x10 [ 483.592495][T13620] vfs_open+0x82/0x3f0 [ 483.592538][T13620] path_openat+0x1de4/0x2cb0 [ 483.592579][T13620] ? __pfx_path_openat+0x10/0x10 [ 483.592615][T13620] ? __lock_acquire+0xb8a/0x1c90 [ 483.592657][T13620] do_filp_open+0x20b/0x470 [ 483.592692][T13620] ? __pfx_do_filp_open+0x10/0x10 [ 483.592744][T13620] ? alloc_fd+0x471/0x7d0 [ 483.592782][T13620] do_sys_openat2+0x11b/0x1d0 [ 483.592826][T13620] ? __pfx_do_sys_openat2+0x10/0x10 [ 483.592880][T13620] __x64_sys_openat+0x174/0x210 [ 483.592926][T13620] ? __pfx___x64_sys_openat+0x10/0x10 [ 483.592982][T13620] do_syscall_64+0xcd/0x490 [ 483.593029][T13620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.593060][T13620] RIP: 0033:0x7fe53bf8eb69 [ 483.593095][T13620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 483.593127][T13620] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 483.593159][T13620] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 483.593181][T13620] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 483.593202][T13620] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 483.593222][T13620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 483.593242][T13620] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 483.593272][T13620] [ 483.593284][T13620] [ 483.867481][T13620] Allocated by task 1: [ 483.871991][T13620] kasan_save_stack+0x33/0x60 [ 483.877053][T13620] kasan_save_track+0x14/0x30 [ 483.882857][T13620] __kasan_kmalloc+0xaa/0xb0 [ 483.887923][T13620] dvb_register_device+0x1e4/0x2370 [ 483.893424][T13620] dvb_register_frontend+0x5a6/0x880 [ 483.899792][T13620] vidtv_bridge_probe+0x459/0xa90 [ 483.905797][T13620] platform_probe+0x103/0x1d0 [ 483.911009][T13620] really_probe+0x241/0xa90 [ 483.916071][T13620] __driver_probe_device+0x1de/0x440 [ 483.921658][T13620] driver_probe_device+0x4c/0x1b0 [ 483.926899][T13620] __driver_attach+0x283/0x580 [ 483.932131][T13620] bus_for_each_dev+0x13e/0x1d0 [ 483.937607][T13620] bus_add_driver+0x2e9/0x690 [ 483.942724][T13620] driver_register+0x15c/0x4b0 [ 483.947615][T13620] vidtv_bridge_init+0x45/0x80 [ 483.952771][T13620] do_one_initcall+0x120/0x6e0 [ 483.957839][T13620] kernel_init_freeable+0x5c2/0x900 [ 483.963245][T13620] kernel_init+0x1c/0x2b0 [ 483.968135][T13620] ret_from_fork+0x5d7/0x6f0 [ 483.973388][T13620] ret_from_fork_asm+0x1a/0x30 [ 483.978447][T13620] [ 483.980881][T13620] Freed by task 13428: [ 483.985327][T13620] kasan_save_stack+0x33/0x60 [ 483.990232][T13620] kasan_save_track+0x14/0x30 [ 483.995222][T13620] kasan_save_free_info+0x3b/0x60 [ 484.000622][T13620] __kasan_slab_free+0x51/0x70 [ 484.005446][T13620] kfree+0x2b4/0x4d0 [ 484.009657][T13620] dvb_device_put.part.0+0x60/0x90 [ 484.015078][T13620] dvb_device_open+0x2a4/0x3b0 [ 484.020154][T13620] chrdev_open+0x231/0x6a0 [ 484.024842][T13620] do_dentry_open+0x97f/0x1530 [ 484.030151][T13620] vfs_open+0x82/0x3f0 [ 484.034351][T13620] path_openat+0x1de4/0x2cb0 [ 484.039045][T13620] do_filp_open+0x20b/0x470 [ 484.043836][T13620] do_sys_openat2+0x11b/0x1d0 [ 484.049063][T13620] __x64_sys_openat+0x174/0x210 [ 484.054302][T13620] do_syscall_64+0xcd/0x490 [ 484.059477][T13620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.066089][T13620] [ 484.068697][T13620] The buggy address belongs to the object at ffff88802a9dfe00 [ 484.068697][T13620] which belongs to the cache kmalloc-256 of size 256 [ 484.085819][T13620] The buggy address is located 24 bytes inside of [ 484.085819][T13620] freed 256-byte region [ffff88802a9dfe00, ffff88802a9dff00) [ 484.100962][T13620] [ 484.103394][T13620] The buggy address belongs to the physical page: [ 484.110349][T13620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a9de [ 484.120092][T13620] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 484.129143][T13620] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 484.137849][T13620] page_type: f5(slab) [ 484.143168][T13620] raw: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 484.153238][T13620] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 484.162719][T13620] head: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 484.172335][T13620] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 484.182022][T13620] head: 00fff00000000001 ffffea0000aa7781 00000000ffffffff 00000000ffffffff [ 484.190819][T13620] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 484.199973][T13620] page dumped because: kasan: bad access detected [ 484.206944][T13620] page_owner tracks the page as allocated [ 484.213675][T13620] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 25439860728, free_ts 0 [ 484.235155][T13620] post_alloc_hook+0x1c0/0x230 [ 484.240824][T13620] get_page_from_freelist+0x132b/0x38e0 [ 484.247532][T13620] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 484.255168][T13620] alloc_pages_mpol+0x1fb/0x550 [ 484.260228][T13620] new_slab+0x247/0x330 [ 484.265364][T13620] ___slab_alloc+0xd1e/0x1780 [ 484.270780][T13620] __slab_alloc.constprop.0+0x56/0xb0 [ 484.276954][T13620] __kmalloc_cache_noprof+0xfb/0x3e0 [ 484.283739][T13620] bus_add_driver+0x92/0x690 [ 484.288822][T13620] driver_register+0x15c/0x4b0 [ 484.294140][T13620] usb_register_driver+0x216/0x4d0 [ 484.299803][T13620] do_one_initcall+0x120/0x6e0 [ 484.304654][T13620] kernel_init_freeable+0x5c2/0x900 [ 484.310068][T13620] kernel_init+0x1c/0x2b0 [ 484.314783][T13620] ret_from_fork+0x5d7/0x6f0 [ 484.320007][T13620] ret_from_fork_asm+0x1a/0x30 [ 484.324876][T13620] page_owner free stack trace missing [ 484.330422][T13620] [ 484.333158][T13620] Memory state around the buggy address: [ 484.339402][T13620] ffff88802a9dfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 484.348003][T13620] ffff88802a9dfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 484.356428][T13620] >ffff88802a9dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 484.365132][T13620] ^ [ 484.370643][T13620] ffff88802a9dfe80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 484.380392][T13620] ffff88802a9dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 484.390687][T13620] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 484.466106][T13620] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 484.474371][T13620] CPU: 1 UID: 0 PID: 13620 Comm: syz.0.2719 Tainted: GF R 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(full) [ 484.488450][T13620] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD [ 484.494997][T13620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 484.509913][T13620] Call Trace: [ 484.513546][T13620] [ 484.516967][T13620] dump_stack_lvl+0x3d/0x1f0 [ 484.523650][T13620] vpanic+0x6a3/0x780 [ 484.528391][T13620] ? __pfx_vpanic+0x10/0x10 [ 484.534004][T13620] ? __pfx_vprintk_emit+0x10/0x10 [ 484.539332][T13620] ? dvb_device_open+0x36a/0x3b0 [ 484.544576][T13620] panic+0xca/0xd0 [ 484.549276][T13620] ? __pfx_panic+0x10/0x10 [ 484.553899][T13620] ? dvb_device_open+0x36a/0x3b0 [ 484.558867][T13620] ? preempt_schedule_common+0x44/0xc0 [ 484.564919][T13620] ? preempt_schedule_thunk+0x16/0x30 [ 484.570933][T13620] check_panic_on_warn+0xab/0xb0 [ 484.576471][T13620] end_report+0x107/0x170 [ 484.581137][T13620] kasan_report+0xee/0x110 [ 484.586128][T13620] ? dvb_device_open+0x36a/0x3b0 [ 484.591581][T13620] ? __pfx_dvb_device_open+0x10/0x10 [ 484.597695][T13620] dvb_device_open+0x36a/0x3b0 [ 484.602688][T13620] ? __pfx_dvb_device_open+0x10/0x10 [ 484.608354][T13620] chrdev_open+0x231/0x6a0 [ 484.613527][T13620] ? __pfx_apparmor_file_open+0x10/0x10 [ 484.619890][T13620] ? __pfx_chrdev_open+0x10/0x10 [ 484.626089][T13620] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 484.633711][T13620] do_dentry_open+0x97f/0x1530 [ 484.638684][T13620] ? __pfx_chrdev_open+0x10/0x10 [ 484.644015][T13620] vfs_open+0x82/0x3f0 [ 484.648664][T13620] path_openat+0x1de4/0x2cb0 [ 484.653805][T13620] ? __pfx_path_openat+0x10/0x10 [ 484.659219][T13620] ? __lock_acquire+0xb8a/0x1c90 [ 484.664728][T13620] do_filp_open+0x20b/0x470 [ 484.669792][T13620] ? __pfx_do_filp_open+0x10/0x10 [ 484.675633][T13620] ? alloc_fd+0x471/0x7d0 [ 484.680629][T13620] do_sys_openat2+0x11b/0x1d0 [ 484.685614][T13620] ? __pfx_do_sys_openat2+0x10/0x10 [ 484.691033][T13620] __x64_sys_openat+0x174/0x210 [ 484.696079][T13620] ? __pfx___x64_sys_openat+0x10/0x10 [ 484.701756][T13620] do_syscall_64+0xcd/0x490 [ 484.706808][T13620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.713152][T13620] RIP: 0033:0x7fe53bf8eb69 [ 484.718101][T13620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.740871][T13620] RSP: 002b:00007fe53cd7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 484.750365][T13620] RAX: ffffffffffffffda RBX: 00007fe53c1b5fa0 RCX: 00007fe53bf8eb69 [ 484.759071][T13620] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 484.767778][T13620] RBP: 00007fe53c011df1 R08: 0000000000000000 R09: 0000000000000000 [ 484.776753][T13620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.786589][T13620] R13: 0000000000000000 R14: 00007fe53c1b5fa0 R15: 00007ffcc9d95168 [ 484.796223][T13620] [ 484.799499][T13620] Kernel Offset: disabled [ 484.804010][T13620] Rebooting in 86400 seconds..